Why doesn't bitcoin have a "freeze" function?

[larry_vw_1955]

I was trying to make a payment using my credit card last night and it was being declined and I was like what the heck. So I thought maybe they close my account since it been over  a year since I used it. Instead of calling, I logged into my account online to see if maybe it would be of any help in seeing if my account is having a problem, well it looked fine like it is still open. Hmm. Now I'm thinking I need to call them because I don't know what the heck is going on why it is being declined. But then I see a button at the top of the screen that says "Your account is frozen, you can unfeeze it by clicking this button." Then I remembered I had frozen the account by clicking the freeze button a year or so ago so that no one can do any activity on my account not even me! Well I guess it worked fine!

But now I needed to unfreeze my account so I can do a transaction I need so I click on unfreeze and bada bing bada boom, I tried doing the transaction again and it worked. If I wanted to I could click the freeze button again and put my card back into a deep freeze so that no one can use it even if they know the credit card #, expiration date and special number on the back of the card (call it a private key if you like). That's pretty amazing tech, don't you guys think?

I forgot to re-freeze my card so hopefully no one has used it in the last 24 hours or so that I don't know about!

[1714233960]

1714233960

[1714233960]

1714233960

[ranochigo]

You can freeze your outputs with specific time parameters, so that the outputs in that specific address can't be spent until the time has elapsed.

If your idea is to freeze your Bitcoins as and when you like as a security measure, that doesn't really improve your privacy significantly. Your security should be guaranteed by how you handle your keys and your security habits.

[nc50lc]

-snip-

Electrum has that function; but it's more of a "coin-control" feature than safety.
Because it's possible client side - freeze an address or UTXO from being spent (though that client) but it wont stop anyone who already got your private keys from spending your coins.

I don't think it's possible to freeze coins in the blockchain unless those are locked using a script that can be frozen/unfrozen any time which I don't think we have (please inform me if there's one).

[garlonicon]

You can always lock your funds using 2-of-2 multisig, where the first key is your real public key and the second key controls your freeze/unfreeze options. Then you need both to spend any funds.

[PrimeNumber7]

You can freeze your outputs with specific time parameters, so that the outputs in that specific address can't be spent until the time has elapsed.

I don't think a nTimeLock parameter would help the OP, at least not alone. From what I can tell, the OP wants the ability to "freeze" his coin as a security measure. If the OP's private keys are stolen, the attacker could simply wait for the time lock to expire. Also, the OP would be unable to spend his coin at an arbitrary time.

Your security should be guaranteed by how you handle your keys and your security habits.

This is an important point. Bitcoin (and altcoins) is much less forgiving than the traditional banking system. With the banking system, if someone obtains your credit card information, you will typically not be on the hook for unauthorized transactions. The "freeze" feature as described by the OP is really more of a loss prevention measure for the bank as the bank is the one who will be on the hook if there is an unauthorized transaction.

I don't think this solves the OP's problem.

You can always lock your funds using 2-of-2 multisig, where the first key is your real public key and the second key controls your freeze/unfreeze options. Then you need both to spend any funds.

This is probably the closest thing to a solution for the OP. Although an alternative would be to just have one key and keep that key secure.

[pooya87]

You can always lock your funds using 2-of-2 multisig, where the first key is your real public key and the second key controls your freeze/unfreeze options. Then you need both to spend any funds.

A 2 of 2 multisig doesn't "freeze" anything, you will need both keys at all times to be able to spend coins from the created address. Additionally "freezing" usually requires a time component where user locks up their coins for a certain period of time which is not possible with multisig.

[valentine wheeler]

The wallet of a centralized exchange can be frozen, so the bitcoins in the wallet will also be frozen.

However, because of the anonymity of the blockchain and the characteristics of distributed accounting, the Bitcoin of the cold wallet cannot be frozen unless someone else uses illegal means to force you to surrender your private key.

Why is there a Bitcoin slogan: Your money is your money. Bitcoin makes us truly masters and free.

[nc50lc]

I don't think this solves the OP's problem.

Yes, that's what the first part of my reply is all about: there's a client with freeze feature but it doesn't fit OP's use-case.

[vjudeu]

A 2 of 2 multisig doesn't "freeze" anything, you will need both keys at all times to be able to spend coins from the created address.

You can have signed transaction that will allow for example to send coins only to selected address. You can make some such transactions upfront, sign it with your "freeze key" and then pick one of them, sign it with your "real key" and broadcast. Also, multisig can be combined with locktime if needed.

Additionally "freezing" usually requires a time component

There is some weird and inefficient way to "freeze" coins without any timelock, for example someone can start with some public key, add some nonce, and increment it until hitting some target. Then, it is possible for example to store that key in some safe place, but store only the starting point in the wallet. In this way, it is possible to unlock the key after redoing all computations, which takes time, so it is guaranteed that for example you need 2^48 operations to recover your key.

If all computations are linearly dependent, so you have to calculate step N to make it possible to calculate step N+1, then you have to do all computations upfront. But if opcodes like OP_CAT or OP_SUBSTR could be used, then it is possible to do that kind of timelock without setting any time.

That kind of "pseudo-locktime" better fits locktime encrypted files (so that they can be decrypted only after doing some computations), but you can use the same technique for locking coins, signed transactions or any other blockchain-related data you want. More about that: https://www.gwern.net/Self-decrypting-files

[larry_vw_1955]

-snip-

Electrum has that function; but it's more of a "coin-control" feature than safety.
Because it's possible client side - freeze an address or UTXO from being spent (though that client) but it wont stop anyone who already got your private keys from spending your coins.

It won't? That's terrible! Well that's not going to work!

I don't think it's possible to freeze coins in the blockchain unless those are locked using a script that can be frozen/unfrozen any time which I don't think we have (please inform me if there's one).

Will do!

You can freeze your outputs with specific time parameters, so that the outputs in that specific address can't be spent until the time has elapsed.

I know but the problem is, when I need to use my money I need to use it. I can't really afford to always wait for days or weeks for something to get unlocked. I might be able to wait for hours or a couple days at most but then once I use what I need, I need to be able to freeze my address again until the next time comes around. The truth is though sometimes I might even need to use my money on the spur of the moment without any waiting at all!

I don't think a nTimeLock parameter would help the OP, at least not alone. From what I can tell, the OP wants the ability to "freeze" his coin as a security measure. If the OP's private keys are stolen, the attacker could simply wait for the time lock to expire. Also, the OP would be unable to spend his coin at an arbitrary time.

On point. The part about spending my money at an "arbitrary time" thanks for bringing that up too.

The "freeze" feature as described by the OP is really more of a loss prevention measure for the bank as the bank is the one who will be on the hook if there is an unauthorized transaction.

Well I don't know about that but what I do know is it give me an incredible peace of mind knowing that because I clicked the freeze button, there is no transactions being done with my card. But the moment I need to, I can just click on unfreeze and do my business and then freeze it again, making it impervious to the outside world even if they know my card number and such. that's security, I tell you!

Now there is that matter of what would happen if I lost my credit card and someone else found it and I didn't even know about it. Well, I'll be happy to explain what would happen in that case too. You see, they wouldn't be able to use it even though they had it in their physical possession. Even with the 4 digit code number on the back of the card it would do them no good. Because when they tried to go to an atm machine or buy something, it would get declined period the end. And when I got around to noticing that someone had stolen my card, I could just call the bank and get a new one sent out, credit line transfers over to the new card. You can't beat that! I'm sure bitcoin will get to that level at some point. which will be cool. maybe that's part of taproot, not sure! there's alot of taproot experts out there, and i wouldn't put it past them to understand how that could work with this.

A 2 of 2 multisig doesn't "freeze" anything, you will need both keys at all times to be able to spend coins from the created address. Additionally "freezing" usually requires a time component where user locks up their coins for a certain period of time which is not possible with multisig.

You see I was thinking of making my friend an authorized cardholder but I told them you can't just spend money without my approval. They said they would always ask me before they tried to do any transactions. So I ordered them a credit card with their name on it the funny thing is it had my account number on it! Same credit card number as my credit card. I guess theyre really serious about me being on the hook for anything my friend would spend with their card. What I figured out though is, I would probably have the ability to "freeze" their card and keep it in that state until they came to me and asked for permission to use it and then I woud unfreeze it so they could buy what we  agreed on but the thing is, how do I know how much they are going to spend? That's the real problem. I'm on the hook for whatever they decide to spend when its in the unfrozen state. After a bit of thinking about it, I came to the realization that it would simply be easier for me to just keep my credit card to myself and if I want to buy them something I can do it that way.

You can have signed transaction that will allow for example to send coins only to selected address. You can make some such transactions upfront, sign it with your "freeze key" and then pick one of them, sign it with your "real key" and broadcast. Also, multisig can be combined with locktime if needed.

That's the problem with my credit card company though. When my card is in the frozen state, I can't even create transactions that a vendor would broadcast at a later time. Can you imagine that? They wouldn't even just take down my card information and give me 30 minutes to get home to my ultrasecure desktop airgapped computer to unfreeze my credit card. How dare they?

 

Additionally "freezing" usually requires a time component
There is some weird and inefficient way to "freeze" coins without any timelock, for example someone can start with some public key, add some nonce, and increment it until hitting some target. Then, it is possible for example to store that key in some safe place, but store only the starting point in the wallet. In this way, it is possible to unlock the key after redoing all computations, which takes time, so it is guaranteed that for example you need 2^48 operations to recover your key.

Yeah I tried that method with my credit card actually and it didn't work here's what happened. I put my credit card in a glass bottle and buried it in my garden. That way no one could ever use it, except me, right? Problem is someone somehow got ahold of my credit card number and used it to subscribe to some porn website. The credit card company was familiar with the porn website and contacted them to see if it was really me. Turns out, they don't know who it was but they can't prove it was me so I got my money back. But I sure am glad that my credit card company implemented this "freeze" feature because now I don't have to go digging it up in the garden everytime I want to use it.

Oh and I finally found out how someone got ahold of my card number too, they were just rummaging through some trash and found an old credit card statement it wasn't even the statement for my credit card though can you believe that? But the account numbers were close and they made a mistake typing in the card number off the trash they found and that typo ended up being bad news for me but as I said, the credit card company made me whole again. So it's all good.

[moderator's note: consecutive posts merged]

[larry_vw_1955]

So basically you want to prevent people who have private key of your Bitcoin address can't steal your Bitcoin while it's frozen.

 I mean after all that's how it works with my credit card. I lost it once and someone found it but since it was frozen, they couldn't use it AT ALL. Not only that but I didn't lose any money either. My credit line transferred over to the new card the credit card company issued me. And guess what? It was not the same card number as the old one, if that's any help. Dave in card services was really helpful. I told him i felt like an idiot for losing my card and he said no problem they understand and it happens don't worry about it.

 But on protocol level, how do you freeze the address and how node can verify that you're the owner the address?

Well, I can't really answer that about bitcoin but I know how it works with my credit card if that would help. they have a big database and in the tables, there's a field that can be marked with F for frozen or U for unfrozen. Everytime a transaction comes in, they pull up that record in the database for my card and check if the field is F or U. If it is F then it won't approve.

The only answer i can think is by creating cryptography signature from your private key.

OK. So it really can work is what you're saying?

[o_e_l_e_o]

It sounds like you could achieve the kind of set up you are looking for with a 2FA wallet. It's not exactly the same as freezing an address, but it would achieve a very similar outcome:

With your credit card, someone can steal your credit card or steal your credit card number, and not be able to spend your money unless they can also break in to your credit card account and hit the "unfreeze" button.

With a 2FA account, someone can steal your wallet file or steal your private key, and not be able to spend your coins unless they can also break in to your phone and access the 2FA code.

The downsides to this approach are that Electrum's 2FA charges an additional fee, but you could get around this by using a manual multi-sig set up. You also need your wallet and 2FA app (or both wallets if doing it yourself) to be on different devices, so the compromise of one device doesn't lead to the compromise of both factors/private keys needed to sign a transaction.

[DannyHamilton]

You are thinking of Bitcoin as an electronic payment system instead of as a currency.

If you have cash in your wallet in your back pocket, there is no way to "freeze" that.  If anyone get's their hands on your wallet, they can spend the cash that is in it.  The way you protect your cash from being spent is to do one of two things. You either make sure that the cash is always under your control (that nobody else has physical access to it), or you find a trusted third party (such as a bank) and you give it to them, trusting that they will make sure that the cash is always under THEIR control (using economy of scale, they can implement more expensive vaults, guards, security systems, and insurance than you can).

IF you choose to trust someone else (such as a bank) to maintain control of your funds, THEN they can provide a method for you to "lock" your account with them so that no transactions can occur until you perform some "unlocking" action.  Of course, if the thief can figure out out to perform the unlocking action, then they'll still be able to access the account.

This is exactly how Bitcoin works.

If you use your own wallet, and you have control of your private keys, then it is up to you to secure those private keys so that nobody else can access them. This is like cash in your back pocket, or in a small safe in your house, or hidden in a drawer somewhere in your house, etc.

If you choose to use a custodial service, then you can turn over complete control of your bitcoins to that service. That service can then make transactions on your behalf whenever you ask them to. You'll have to trust that they'll do a good job of securing the bitcoins that they are holding for you against both outside attackers and internal fraud. It would be easy for such a service to provide a "locking" method where they would refuse to create any transactions on your behalf until you perform an "unlocking" action. This is like depositing your cash into a service (such as a bank).

Coinbase already offers something like this with their 2FA system.  You can "lock" your Coinbase account with 2FA, and then they will refuse to send any transactions on your behalf unless you provide the appropriate 2FA value to "unlock" your account for that single transaction.

[kaggie]

If I wanted to I could click the freeze button again and put my card back into a deep freeze so that no one can use it even if they know the credit card #, expiration date and special number on the back of the card (call it a private key if you like). That's pretty amazing tech, don't you guys think?

Wouldn't transferring balances to and from that wallet/key be effectively the same thing?

I'm not sure how freezing would work without a higher authority, which would no longer be bitcoin.

[larry_vw_1955]

It sounds like you could achieve the kind of set up you are looking for with a 2FA wallet. It's not exactly the same as freezing an address, but it would achieve a very similar outcome:

I have 2FA set up with paypal, but it's a real pain in the ass. Everytime I login I have to go to my authenticator and get a 6 digit code. But I do it because someone actually logged into my paypal account once and tried to transfer alot of money straight out of my bank account to another country.

With your credit card, someone can steal your credit card or steal your credit card number, and not be able to spend your money unless they can also break in to your credit card account and hit the "unfreeze" button.

There's a very small chance they could not only get ahold of my credit card info and also manage to login to the credit card website into my account but that's REALLLLLY unlikely.

With a 2FA account, someone can steal your wallet file or steal your private key, and not be able to spend your coins unless they can also break in to your phone and access the 2FA code.

Well, I mean, 2FA is meant to protect my local wallet from getting hacked. I keep my computer in a dungeon basement with 15 inch thick steel walls and AR-15 rifles on each wall. That's what I use for making sure no one get my wallet file. Oh also I use Mcafee antivirus to keep out the hackers from invading my computer. I do keep my private seed on that computer which is connected to the internet though...

The downsides to this approach are that Electrum's 2FA charges an additional fee, but you could get around this by using a manual multi-sig set up.

 I'm sure TrustedCoin is legit but if they went out of business then I could be really screwed up. I'm sure they would try to do the right thing but no thanks.

You also need your wallet and 2FA app (or both wallets if doing it yourself) to be on different devices, so the compromise of one device doesn't lead to the compromise of both factors/private keys needed to sign a transaction.

Well yeah. I mean that's a good safety measure. People don't always do what you're suggesting but it certainly is in their best interest.

Coinbase already offers something like this with their 2FA system.  You can "lock" your Coinbase account with 2FA, and then they will refuse to send any transactions on your behalf unless you provide the appropriate 2FA value to "unlock" your account for that single transaction.

I trust coinbase with the $3 i earn here and there. nothing more. in general, i dont place too high a premium on exchanges. they are useful for getting crytpo but i like to get it the helll out of there asap.

What i say it won't work if you use private key for freeze/unfreeze address and spend your Bitcoin. The hacker who have your private key will simply unfreeze and spend your Bitcoin.

Yeah that's a good point. So what you're saying is we don't want the freeze/unfreeze feature to be solely dependant upon knowing the particular bitcoin addresse's private key. I think I see what you're saying. Now the question is, how are we going to implement it then ?


1) Bitcoin address X wants to add the freeze feature. So it generates a special bitcoin address F.

2) This new address F will control the state of address X.

3) When the user wants to freeze address X, they send a transaction to address X using a special opcode.

4) The first time a user freezes their address X using address F, miners will create a record in a special database that lists address X along with its related controlling address F. A flag field will be toggled to "1" which will represent the frozen state.

5) If a transaction is ever attempted from address X in the frozen state, miners will reject it because they will first consult their database and see that address X is in the frozen state. Assuming no other reasons for which the transaction would be invalid, they can provide an error code indicating the address is frozen and thus the transaction cannot be completed.

6) When the user wants to unfreeze address X, they just send a transaction to address X from address F using the same opcode.

7) Miners will update their database and update the record for address X by toggling its flag field to "0" which will represent the unfrozen state.

If a transaction is ever attempted from address X in the unfrozen state, miners will first consult their database and see that address X is in the unfrozen state and then continue to process the transaction as normal. If it passes all the other consensus rules then it will be accepted.

Do you guys think this would work? I spent the better part of a day coming up with it so I sure hope so! Let's turn this baby in to a BIP.
 













[moderator's note: consecutive posts merged]

[vjudeu]

If a transaction is ever attempted from address X in the frozen state, miners will reject it because they will first consult their database and see that address X is in the frozen state.

It can be easier than you think. No coin can be spent twice, so the only thing you need to "freeze" funds is just spending them. You can send coins to yourself, in this way the old address is "frozen", because coins can no longer be spent, but that second address can control freezing and unfreezing, because all you need to unfreeze your coins is just sending them back to the same address. Of course address reuse is a bad idea, so you can use fresh address from some HD wallet every time.

To control freezing and unfreezing you don't have to store private keys online. You can have some signed transactions prepared upfront and just broadcast them when you need.

Wouldn't transferring balances to and from that wallet/key be effectively the same thing?

Exactly, it would be the same.

[Pmalek]

Well I don't know about that but what I do know is it give me an incredible peace of mind knowing that because I clicked the freeze button, there is no transactions being done with my card. But the moment I need to, I can just click on unfreeze and do my business and then freeze it again, making it impervious to the outside world even if they know my card number and such. that's security, I tell you!

I don't have such a feature on my cards so I am not exactly sure how it works. I assume all you need to do to freeze/unfreeze your account is log in to your online banking account, enter your password or maybe a PIN and that's it. Although it's a good security feature, it isn't exactly high-tech. If someone stole your PIN/password/whatever you use to freeze/unfreeze your credit card, they could do it as well.

If you are concerned about someone being able to spend your digital assets by discovering your seed, why not extend it with a passphrase? No one would be able to steal your coins unless they have the passphrase as well. You can compare that seed extension to the password you use to freeze your credit card with.   

[larry_vw_1955]

I don't have such a feature on my cards so I am not exactly sure how it works. I assume all you need to do to freeze/unfreeze your account is log in to your online banking account, enter your password or maybe a PIN and that's it. Although it's a good security feature, it isn't exactly high-tech. If someone stole your PIN/password/whatever you use to freeze/unfreeze your credit card, they could do it as well.

Yeah I'm not sure all cards have that feature but mine does. I don't even have to enter any pin # or password or anything. I just click the 
"freeze" button at the top of the webpage once I am logged in and it's that simple. Then the button says "Unfreeze". These actions take place immediately. From my experience.

If you are concerned about someone being able to spend your digital assets by discovering your seed, why not extend it with a passphrase? No one would be able to steal your coins unless they have the passphrase as well. You can compare that seed extension to the password you use to freeze your credit card with.   

Well for one thing, I'm talking about an individual single bitcoin address. It doesnt have a seed or passphrase. What I'm talking about is making the utxos for a given address inactive. That's what freezing means to me.

It can be easier than you think. No coin can be spent twice, so the only thing you need to "freeze" funds is just spending them. You can send coins to yourself, in this way the old address is "frozen", because coins can no longer be spent, but that second address can control freezing and unfreezing, because all you need to unfreeze your coins is just sending them back to the same address. Of course address reuse is a bad idea, so you can use fresh address from some HD wallet every time.

My proposal makes the utxos inactive, unable to be spent until a certain action is performed first. Sweeping the address would just kick the can down the road in the sense that the utxos are basically still active and able to be spent but they just belong to a different address. That's not what "freezing" is all about.

Additionally, if someone had an address that had a large number of utxos it could be quite costly to transfer them all to a new address. With my proposal, they wouldn't have to do that. Because they are frozen in place. And the transaction that freezes them would be tiny. Thus costing as little as possible. And removing the real risk that they enter the destination address incorrectly and lose all their funds or they get some malware that changes their address and they lose everything. With my solution the bitcoins are never touched or moved anywhere.

Wouldn't transferring balances to and from that wallet/key be effectively the same thing?

Exactly, it would be the same.

Not at all the same. My proposal could easily be extended to offer multiple states in which even greater functionality would be possible. Say you had an address that had 10 bitcoins in it and you were worrried that someone might hack your private key and drain the funds in one fell swoop. Well, just put your address into a state which says they can only spend 0.01 bitcoin every 144 blocks (everyday). Since you don't usually spend more than that much in a single purchase, it won't affect you. But it would take a hacker quite a long time to drain all your funds. And you would probably notice it long before they got anything substantial from it. Since you check your balance at least once a week.

[moderator's note: consecutive posts merged]

[o_e_l_e_o]

I do keep my private seed on that computer which is connected to the internet though...

Then you need to stop worrying about some incredibly unlikely scenario in which someone breaks in to your house to physically access your computer to steal your coins, and start instead worrying about the fact that you are storing your seed phrase on an internet connected device. The latter is far more likely to result in your coins being stolen. This is like worrying about your seat belt being too loose while ignoring the fact that your brake pedal doesn't work.

I'm sure TrustedCoin is legit but if they went out of business then I could be really screwed up. I'm sure they would try to do the right thing but no thanks.

When setting up a 2FA Electrum wallet, you are still provided a seed phrase which will provide you with all the information necessary to sign a transaction on your own. Should TrustedCoin go out of business, you can simply restore a full wallet from your seed phrase and access your coins.

[larry_vw_1955]

Then you need to stop worrying about some incredibly unlikely scenario in which someone breaks in to your house to physically access your computer to steal your coins, and start instead worrying about the fact that you are storing your seed phrase on an internet connected device. The latter is far more likely to result in your coins being stolen. This is like worrying about your seat belt being too loose while ignoring the fact that your brake pedal doesn't work.

got you boss.

When setting up a 2FA Electrum wallet, you are still provided a seed phrase which will provide you with all the information necessary to sign a transaction on your own. Should TrustedCoin go out of business, you can simply restore a full wallet from your seed phrase and access your coins.

i'll definitely check that out boss. and just for my own enjoyment I hope you wouldn't mind if I assign a uuid to this thread so that I can use it for reference purposes. the entire thread i mean.

61842BEE-940A-40E5-9896-00B427E85790

[PrimeNumber7]

1) Bitcoin address X wants to add the freeze feature. So it generates a special bitcoin address F.

2) This new address F will control the state of address X.

3) When the user wants to freeze address X, they send a transaction to address X using a special opcode.

4) The first time a user freezes their address X using address F, miners will create a record in a special database that lists address X along with its related controlling address F. A flag field will be toggled to "1" which will represent the frozen state.

5) If a transaction is ever attempted from address X in the frozen state, miners will reject it because they will first consult their database and see that address X is in the frozen state. Assuming no other reasons for which the transaction would be invalid, they can provide an error code indicating the address is frozen and thus the transaction cannot be completed.

6) When the user wants to unfreeze address X, they just send a transaction to address X from address F using the same opcode.

7) Miners will update their database and update the record for address X by toggling its flag field to "0" which will represent the unfrozen state.

If a transaction is ever attempted from address X in the unfrozen state, miners will first consult their database and see that address X is in the unfrozen state and then continue to process the transaction as normal. If it passes all the other consensus rules then it will be accepted.

Do you guys think this would work? I spent the better part of a day coming up with it so I sure hope so! Let's turn this baby in to a BIP.

What you describe is just a complicated and more expensive version of 2-of-2 multi sig. in order to spend the coin, you need the private keys for address x and address F.

As Danny mentioned above, your coin should not be thought of as an account, but rather as cash.

As I mentioned above, “freezing” your credit card is a loss prevention feature to prevent losses for your bank, not you. With credit cards, you are generally not liable for unauthorized transactions.

[larry_vw_1955]

in order to spend the coin, you need the private keys for address x and address F.

to unfreeze and spend you would need both but once it is unfrozen, they can do as many single sig transactions as they want to which is more convenient to the end user. Once they are done they can lock it up again by signging once with their private key. that's the theory of it anyway.

As I mentioned above, “freezing” your credit card is a loss prevention feature to prevent losses for your bank, not you.

I get that totally 

[o_e_l_e_o]

to unfreeze and spend you would need both but once it is unfrozen, they can do as many single sig transactions as they want to which is more convenient to the end user. Once they are done they can lock it up again by signging once with their private key. that's the theory of it anyway.

Then just use a multi-sig cold storage set up combined with a standard single-sig wallet. The single-sig wallet can be a hot wallet for portability and convenience, or can be a hardware wallet or cold storage itself for added security.

Think of your coins in the multi-sig as "frozen". No one can access them without gaining access to 2 (or more) private keys, just like someone wanting to use your credit card needs to gain access to 2 factors - your credit card itself and your online account. When you want to "unfreeze" the coins, send them from this multi-sig address to your single-sig address and make as many transaction from this single-sig as you like. When you want to "freeze" them again, send them back to the multi-sig cold storage.

The bonus of this set up is you do not need to "unfreeze" your entire stack, and can choose to only "unfreeze" as many coins as you want to at the time.

[o_e_l_e_o]

While it's good alternative, it could be costly if OP doesn't pay attention about transaction fee or the wallet has poor UTXO selection.

True, but taproot would keep the multisig transactions as small as possible, and if he does pay attention to his UTXOs then he could potentially save money over "unfreezing" unnecessary UTXOs only to have to "freeze" them again. Seems like the simplest solution to what he wants to achieve.

[larry_vw_1955]

While it's good alternative, it could be costly if OP doesn't pay attention about transaction fee or the wallet has poor UTXO selection.

True, but taproot would keep the multisig transactions as small as possible, and if he does pay attention to his UTXOs then he could potentially save money over "unfreezing" unnecessary UTXOs only to have to "freeze" them again. Seems like the simplest solution to what he wants to achieve.

In my ideal scheme that I have proposed (who knows if it is actually feasible/reasonable to expect devs to ever consider), the utxos are all turned on and off together like lightbulbs on a christmass tree. no need to worry about which ones to freeze and unfreeze in order to construct your transaction.

to unfreeze and spend you would need both but once it is unfrozen, they can do as many single sig transactions as they want to which is more convenient to the end user. Once they are done they can lock it up again by signging once with their private key. that's the theory of it anyway.

Then just use a multi-sig cold storage set up combined with a standard single-sig wallet. The single-sig wallet can be a hot wallet for portability and convenience, or can be a hardware wallet or cold storage itself for added security.

Think of your coins in the multi-sig as "frozen". No one can access them without gaining access to 2 (or more) private keys, just like someone wanting to use your credit card needs to gain access to 2 factors - your credit card itself and your online account. When you want to "unfreeze" the coins, send them from this multi-sig address to your single-sig address and make as many transaction from this single-sig as you like. When you want to "freeze" them again, send them back to the multi-sig cold storage.

The bonus of this set up is you do not need to "unfreeze" your entire stack, and can choose to only "unfreeze" as many coins as you want to at the time.

i always feel stupid when i come up with some complicated scheme and then someone introduces me to something that already exists and does the same exact thing 

your idea is pretty close to the same end effect but the method is not the same. the only thing i would argue here is the funds in a 2of2 multisig, their utxos are not in any type of frozen state. with my idea which i know is crazy, the utxos have a state. the state must be changed before they can be spent. how that state gets changed should be cheaper than having to combine alot of utxos and send them to somewhere else to be spent.

[moderator's note: consecutive posts merged]

[BlackHatCoiner]

I think that you didn't pay attention to DannyHamilton's post, which was a wonderful read by the way.

You probably haven't understood that this electronic payment method is a currency. Note that it's significant and completely different from payment processors. When you're using your credit card to buy something, you become in debt of this purchase in fiat. When, your Netflix sweeps you money from your bank account for the monthly payment, it debts you in fiat. Unless you pay someone in cash, you're getting constantly in debt for your purchases.

Your credit card and your bank account aren't currencies; they manage to debt you in a currency, which is fiat. In Bitcoin, if you make a purchase, you aren't in debt of anything; the confirmed transaction is a proof that you paid your dues. I don't know if you understand this, but it's significantly different.

If you wanted from Bitcoin to have a “freeze” option you should deposit it on a third party and they'll freeze your money (which is no longer yours) whenever you told them to.

[vjudeu]

In my ideal scheme that I have proposed (who knows if it is actually feasible/reasonable to expect devs to ever consider), the utxos are all turned on and off together like lightbulbs on a christmass tree. no need to worry about which ones to freeze and unfreeze in order to construct your transaction.

If you don't want to choose your UTXO, then you have to accumulate everything on one UTXO. Because transaction fees depend on transaction size, people have incentive to use as small number of UTXO's as possible. There are coins like Ethereum where everything is account-based and all amounts are automatically accumulated, but that's the same level of privacy than using single UTXO in Bitcoin. If you have more splitted funds, you have better privacy, but you can always send coins to yourself and have just one UTXO if you really want.

[larry_vw_1955]

I think that you didn't pay attention to DannyHamilton's post, which was a wonderful read by the way.

Yes it was wonderful and yes I did read it. I'll make up a more formal reply to his posting in that case. Since you seem to feel that I didn't notice it. thanks

If you don't want to choose your UTXO, then you have to accumulate everything on one UTXO. Because transaction fees depend on transaction size, people have incentive to use as small number of UTXO's as possible. There are coins like Ethereum where everything is account-based and all amounts are automatically accumulated, but that's the same level of privacy than using single UTXO in Bitcoin. If you have more splitted funds, you have better privacy, but you can always send coins to yourself and have just one UTXO if you really want.

You just gave me another amazing idea! But I'm not sure if it would be possible to implement but I'll maybe try and think about it a bit more and make a posting sometime. I don't think the boys can handle too many new ideas in one single thread you know

You are thinking of Bitcoin as an electronic payment system instead of as a currency.

If you have cash in your wallet in your back pocket, there is no way to "freeze" that.  If anyone get's their hands on your wallet, they can spend the cash that is in it.  The way you protect your cash from being spent is to do one of two things. You either make sure that the cash is always under your control (that nobody else has physical access to it), or you find a trusted third party (such as a bank) and you give it to them, trusting that they will make sure that the cash is always under THEIR control (using economy of scale, they can implement more expensive vaults, guards, security systems, and insurance than you can).

I'm not sure why it is but I don't think I would trust anyone with holding my bitcoin for me. But yet, I trust them with my small lifetime savings they haven't stole it from me yet and they do let me spend it if i want to but I'm not dumb enough to think that they are my friend. And that they wouldn't do what is in their best interest even if it hurt me, a customer, if it came to that. I don't mind my cash being under their control but I do mind my bitcoin being in that status! Now putting an flash drive with my private key inside a lockbox at the bank well i don't consider that being under their control. they're not even supposed to open the box.

IF you choose to trust someone else (such as a bank) to maintain control of your funds, THEN they can provide a method for you to "lock" your account with them so that no transactions can occur until you perform some "unlocking" action.  Of course, if the thief can figure out out to perform the unlocking action, then they'll still be able to access the account.

the problem with trusting someone like is they might lock your funds when you don't want them to and never gave them permission to. they might go out of business. they might have a rogue employee that goes on a spending spree with my bitcoin. never say never.

This is exactly how Bitcoin works.

I can play the role of the bank too, if I have the features built into the particular cryptocurrency such as the ability to freeze and unfreeze my own address.

If you use your own wallet, and you have control of your private keys, then it is up to you to secure those private keys so that nobody else can access them. This is like cash in your back pocket, or in a small safe in your house, or hidden in a drawer somewhere in your house, etc.

If you choose to use a custodial service, then you can turn over complete control of your bitcoins to that service. That service can then make transactions on your behalf whenever you ask them to. You'll have to trust that they'll do a good job of securing the bitcoins that they are holding for you against both outside attackers and internal fraud. It would be easy for such a service to provide a "locking" method where they would refuse to create any transactions on your behalf until you perform an "unlocking" action. This is like depositing your cash into a service (such as a bank).

The problem with the above scenario is I have no way of knowing how good of a job they are actually doing and as you said I have to just "trust". The last thing I want is handing over complete control of bitcoins to a custodial service because I am not sure they are going to be trustworthy. Custodial services could freeze your account if they wanted to without your permission. What would you do then?

Coinbase already offers something like this with their 2FA system.  You can "lock" your Coinbase account with 2FA, and then they will refuse to send any transactions on your behalf unless you provide the appropriate 2FA value to "unlock" your account for that single transaction.

Well I don't think coinbase has very good customer service. I would be very hesitant to do business with a company who I can't get ahold of on the phone anytime I want to. Now I can get off my soapbox.

[moderator's note: consecutive posts merged]

[BlackHatCoiner]

I'm not sure why it is but I don't think I would trust anyone with holding my bitcoin for me.

But, you do trust a bank for holding your money which can be frozen anytime, right?

the problem with trusting someone like is they might lock your funds when you don't want them to and never gave them permission to. they might go out of business. they might have a rogue employee that goes on a spending spree with my bitcoin. never say never.

There are lots of problems with trusting someone, but only if you have a trusted third party, you can use this frozen “feature”.

I can play the role of the bank too, if I have the features built into the particular cryptocurrency such as the ability to freeze and unfreeze my own address.

But, for the bank, the money aren't frozen. They can move them whenever they want. Again, you have to be their client in order to freeze your own money.

[larry_vw_1955]

But, you do trust a bank for holding your money which can be frozen anytime, right?

Money is different than bitcoin. Money belongs to the government and they control it. Banks are part of that system. Bitcoin is totally different. The government also has insurance on your money so they guarantee you can't lose it. I don't think they could do that for bitcoin.
Of course, it can be debated whether the us government fdic insurance really means anything or not. But I'm not here to make that discussion :-)

There are lots of problems with trusting someone, but only if you have a trusted third party, you can use this frozen “feature”.

There is no such thing as a "trusted third party" there are just "third parties" in view of things. But hey everyone can see things how they wish. Now there may be such things as "parties you are kind of forced to trust but really don't want to" etc. I'm sure we all know abut that.

But, for the bank, the money aren't frozen. They can move them whenever they want. Again, you have to be their client in order to freeze your own money.

I think usdc has a feature where they (THE ADMINS) can freeze particular addresses. I'm against that to be quite honest. But I'm all for each individual having soverignty to manage their own funds and freeze them if they had the ability to. THANKS.

[pooya87]

Money is different than bitcoin. Money belongs to the government and they control it.

The correct term is "fiat" not money.
Money is any object or verifiable record that is used for payment. So technically money is the bigger category that contains both fiat and bitcoin.

[BlackHatCoiner]

Money is different than bitcoin. Money belongs to the government and they control it. Banks are part of that system. Bitcoin is totally different. The government also has insurance on your money so they guarantee you can't lose it. I don't think they could do that for bitcoin.

Money is everything that can be accepted between people as a medium of exchange. The money of the government is called “fiat”. If we decided to accept mushrooms as a way to transact, we'd essentially consider them money whether we were two people or a billion.

There is no such thing as a "trusted third party" there are just "third parties" in view of things.

I disagree. If I want to make an escrow, I'll choose someone I trust and thus, a trusted third party. When I want to send a message and I don't trust the administrators I won't have to reveal them the content of my message; I'll encrypt it. Thus, they'll simply be third parties.

I think usdc has a feature where they (THE ADMINS) can freeze particular addresses. I'm against that to be quite honest. But I'm all for each individual having soverignty to manage their own funds and freeze them if they had the ability to. THANKS.

How do you understand “freezing”? I do it as followed:  Someone suspends you from transacting your own money while you may have or not told them to.

[PrimeNumber7]

When I want to send a message and I don't trust the administrators I won't have to reveal them the content of my message; I'll encrypt it. Thus, they'll simply be third parties.

This is off-topic in this thread, however even if you are encrypting a message to someone, for most people on this forum, you are trusting that the administrator has not changed the displayed encryption key of the person you are interacting with. For example, I may make public an encryption key, 'ABC', however, it may be changed by the administration to 'DEF' and anytime anyone encrypts a message to encryption key 'DEF', the administration may automatically decrypt the message, store it for later reading, and encrypt the decrypted message to encryption key 'ABC'. Do I think the bitcointalk administration is doing anything like this? No, absolutely not, however, I would not rule it out on other forums, especially DNM forums.

I'm not sure why it is but I don't think I would trust anyone with holding my bitcoin for me.

Okay, good. If you use maximum measures to protect any third party from ever learning your private key, no third party will ever have the ability to spend any of your coin. No one can spend your coin without your private key. Your coin will be frozen until you sign and broadcast a transaction that spends your coin.

Many companies also utilize a "hot wallet" for smaller amounts whose private keys are stored on a computer connected to the internet, and a "cold wallet" for larger amounts whose private keys are stored on devices that never touch the internet. This setup is very similar to what you are asking for, as it is more difficult to spend any coin from the "cold wallet" and spending said coin requires additional steps.

[BlackHatCoiner]

This is off-topic in this thread, however even if you are encrypting a message to someone, for most people on this forum, you are trusting that the administrator has not changed the displayed encryption key of the person you are interacting with.

This includes that the keys have been transacted within this forum's private messaging system. The parties can communicate outside of the forum and exchange their keys there.

[larry_vw_1955]

Okay, good. If you use maximum measures to protect any third party from ever learning your private key, no third party will ever have the ability to spend any of your coin. No one can spend your coin without your private key. Your coin will be frozen until you sign and broadcast a transaction that spends your coin.

I get what you are saying but that's not entirely what I had in mind. I want to able to inactivate the utxos for the address so even if they know the private key, they won't be able to do anything. And I don't wanted to have to trust a 3rd party. So the suggestion below doesn't really help.

Many companies also utilize a "hot wallet"...

I don't want this to involve any other company.

People have suggested using a 2 of 2 multisig wallet that's not what I had in mind either. Although they don't see why it wouldn't do the same exact thing.

Money is different than bitcoin. Money belongs to the government and they control it.

The correct term is "fiat" not money.
Money is any object or verifiable record that is used for payment. So technically money is the bigger category that contains both fiat and bitcoin.

ok boss if you say so but if you read that wikipedia it does say

Money is historically an emergent market phenomenon establishing a commodity money, but nearly all contemporary money systems are based on fiat money.

So that means we can refer to fiat money as simply money. And everyone will know what I'm talking about right?

I disagree. If I want to make an escrow, I'll choose someone I trust and thus, a trusted third party. When I want to send a message and I don't trust the administrators I won't have to reveal them the content of my message; I'll encrypt it. Thus, they'll simply be third parties.

Who's your trusted third party? So we can all use them.

How do you understand “freezing”? I do it as followed:  Someone suspends you from transacting your own money while you may have or not told them to.

that's a bad form of freezing. the kind i'm talking about is initiated by the user themself as a form of protection of assets. there are issues with how to implement something like that but that's another story!


[moderator's note: consecutive posts merged]

[BlackHatCoiner]

Money is historically an emergent market phenomenon establishing a commodity money, but nearly all contemporary money systems are based on fiat money.

Yes, nearly all. Not all.

Who's your trusted third party? So we can all use them.

I have never used a third party for escrowing, I just gave an example. You can find bunch of such services here, though:

• Escrow Service of Bl4nkcode [Active]
• Dream's Marketplace ~ ESCROW SERVICE ($2 MILLION+) ~ Buy and Sell with Crypto
• 💹📈 Royse777🧢: Campaign Management, Translation & Escrow Service 💪🔥

that's a bad form of freezing. the kind i'm talking about is initiated by the user themself as a form of protection of assets.

And do what next? Be able to unfreeze them after a certain period of time? There's locktime for that.

[larry_vw_1955]

And do what next?

Do nothing until I need to unfreeze them and spend something. then freeze them back.

Be able to unfreeze them after a certain period of time?

No just whenever I want to.

There's locktime for that.

You would need to read over the whole thread...

[Pmalek]

I want to able to inactivate the utxos for the address so even if they know the private key, they won't be able to do anything.

Even the solution your bank is offering where you can freeze your credit card is a very basic form of protection. You said it yourself, all you need to do to freeze your card is log in to your online banking account and click the freeze button. That's it.

Why do you feel like that option is safer than creating an additional wallet protected with a separate passphrase? You can then move any coins you want to "freeze" to that new passphrase-protected wallet, and once you want to access them, you "unfreeze" your hidden wallet by entering the correct passphrase.

The passphrase and your banks' freeze option both offer a second layer of security on top of the first layer. The first layer being your credit card number + the CVV, and your seed phrase. Your second layer is the passphrase and your banking login details. Losing the first layer doesn't give anyone access to your money. Losing both, gives anyone who has it full control.

[BlackHatCoiner]

Do nothing until I need to unfreeze them and spend something. then freeze them back.

I think that you haven't understood something very important. The system works autonomously. The nodes have to somehow verify that you're indeed the owner of a certain address whether you want to spend from that address or “freeze” it. So, you'd still have to provide a digital signature for each “freezing” action you made. Thus, “freezing” wouldn't differ from spending outputs.

That's why it can't be implemented with the way you want. A third party is always required.

[larry_vw_1955]

I think that you haven't understood something very important. The system works autonomously. The nodes have to somehow verify that you're indeed the owner of a certain address whether you want to spend from that address or “freeze” it. So, you'd still have to provide a digital signature for each “freezing” action you made. Thus, “freezing” wouldn't differ from spending outputs.

I understand a person can't just spend bitcoin without providing a digital signature belonging to the private key on that address.

That's why it can't be implemented with the way you want. A third party is always required.

We'll see. I'm going to try and cook something up in my laboratory and post when I'm done.

[PrimeNumber7]

This is off-topic in this thread, however even if you are encrypting a message to someone, for most people on this forum, you are trusting that the administrator has not changed the displayed encryption key of the person you are interacting with.

This includes that the keys have been transacted within this forum's private messaging system. The parties can communicate outside of the forum and exchange their keys there.

You are correct, but I believe the practice you describe is rare for people communicating on this forum, which is why I said "for most people on this forum".

Do nothing until I need to unfreeze them and spend something. then freeze them back.

I think that you haven't understood something very important. The system works autonomously. The nodes have to somehow verify that you're indeed the owner of a certain address whether you want to spend from that address or “freeze” it. So, you'd still have to provide a digital signature for each “freezing” action you made. Thus, “freezing” wouldn't differ from spending outputs.

That's why it can't be implemented with the way you want. A third party is always required.

In theory, a second key could be used to "freeze" and "unfreeze" outputs, which is separate from the key used to sign said inputs.

I don't see any reason why something like this would ever be implemented because it would result in additional transactions that are freezing and unfreezing outputs, and it would make keeping track of the UTXO set more complicated, both without any meaningful benefit.

[BlackHatCoiner]

You are correct, but I believe the practice you describe is rare for people communicating on this forum, which is why I said "for most people on this forum".

If they believe they have something to hide, they will. Encrypting messages isn't compulsory, but with your consent, you can choose not to trust the specific third party. You can even transact the keys via USB and trust none.

In theory, a second key could be used to "freeze" and "unfreeze" outputs, which is separate from the key used to sign said inputs.

But, if it was somehow compromised, it could still be unfreezed by someone else. It wouldn't differ from the classic private key way that spends outputs and thus, it wouldn't have any reason of existence.

[PrimeNumber7]

In theory, a second key could be used to "freeze" and "unfreeze" outputs, which is separate from the key used to sign said inputs.

But, if it was somehow compromised, it could still be unfreezed by someone else. It wouldn't differ from the classic private key way that spends outputs and thus, it wouldn't have any reason of existence.

You could make the same argument about the OP's online banking credentials. Although, in theory, one might take additional steps to secure a "freezing" key to reduce the chances a malicious actor would be able to "unfreeze" coin.

I do agree that the OPs proposal is not something that would improve bitcoin. All of my coin is in a perpetual "frozen" state until I sign a transaction that moves my coin to another address with my cryptographic keys securing my coin. If anyone tries to move my coin without the required signature(s), all nodes, including the miners will reject this transaction as invalid. I was merely playing devils-advocate in giving a technical alternative to what others were proposing. 

[BlackHatCoiner]

What I'm saying is that there are no reasons to be the third party who would freeze/unfreeze your funds, since you essentially already do that with your private keys. Freezing is a “feature” that comes when the funds are under someone else's custody and they allow you to take actions with them in an extent. You don't own the funds, this is why you may get frozen until you provide a legitimate element which may be enough for them to unfreeze you.

Freezing funds is a condition where the trusted third party requires information from their client. Implementing what we've been discussing is like being able for a bank to freeze their own money.

[larry_vw_1955]

Freezing funds is a condition where the trusted third party requires information from their client. Implementing what we've been discussing is like being able for a bank to freeze their own money.

That's why banks have die packs so that they can make their own money unusable when someone try and steal it. Same idea boss. Someone got my private key but I freeze the address, well, they can't do anything. But that does bring up a good question. How would I know if someone had my private key? Because they might just be waiting until I unfroze the address to try and do a transaction. I better make sure I unfreeze quickly and broadcast a transaction with big fee right? I guess it would be nice to have some way of knowing failed transaction attempts using my private key. You know how credit cards can send you alerts when someone tries to use your card fraudulently? That might be asking for too much though.

[BlackHatCoiner]

That's why banks have die packs so that they can make their own money unusable when someone try and steal it.

I think that the known phrase “be your own bank” has made you think of Bitcoin falsely. A bank has customers. If we assume that every bank needs customers to operate, then you're not your own bank with Bitcoin; you just have 100% control over your funds.

Someone got my private key but I freeze the address, well, they can't do anything.

How did they gain access to your private key? If they gained access to it, what makes you think that they don't have the “freezing key” as well?

I better make sure I unfreeze quickly and broadcast a transaction with big fee right?

If they want to rip you off, they'll find a way. The easiest way that just came up to me is to run a node. Once you broadcasted your unfreezing state which would end up in the mempool, they'd instantly recognize it and broadcast their fraudulent transaction.

[o_e_l_e_o]

How would I know if someone had my private key? Because they might just be waiting until I unfroze the address to try and do a transaction.

So go back and use the multi-sig set up I suggested earlier in this thread. If someone steals one of your private keys, they can't do anything with it. You need at least two private keys to "unfreeze" the funds, and they can't wait for you to unfreeze and then attempt to steal your coins without having the second private key.

I guess it would be nice to have some way of knowing failed transaction attempts using my private key.

Either a transaction is valid and will be accepted by a node, or it is invalid and will be rejected and not broadcast to the network. Since you have no idea which node an attacker might try to send their transaction to first, you have no way of monitoring for invalid transactions. And any half intelligent attacker would not spam invalid transactions in the first place.

[larry_vw_1955]

How did they gain access to your private key? If they gained access to it, what makes you think that they don't have the “freezing key” as well?

Well obviously, if they had access to the "freezing key" as well then the funds would be gone and I could easily see that on the blockchain. The more interesting question is how would they know they had the freezing key? If they didn't get it from me then where did they get it?

If they want to rip you off, they'll find a way. The easiest way that just came up to me is to run a node. Once you broadcasted your unfreezing state which would end up in the mempool, they'd instantly recognize it and broadcast their fraudulent transaction.

That would be a disaster. But I guess that's one of the drawbacks of this method vs 2 of 2 multisignature. which doesn't have this problem. It's like your funds forever being held hostage. Kind of like someone that used "Call me Ishmael" as their brain wallet because they were reading moby dick.

[larry_vw_1955]

How would I know if someone had my private key? Because they might just be waiting until I unfroze the address to try and do a transaction.

So go back and use the multi-sig set up I suggested earlier in this thread. If someone steals one of your private keys, they can't do anything with it. You need at least two private keys to "unfreeze" the funds, and they can't wait for you to unfreeze and then attempt to steal your coins without having the second private key.

I honestly don't like the concept of needing 2 different private keys. I wish there was just a way to use a single private key. And still have the "freezing/unfreezing" feature. It's my understanding that even though private keys are 256 bits long, the address space is only 160 bits long. So Satoshi didn't use all 256 bits, he left 94 of them for us to be able to think up some super duper amazing thing to use them for to add extra security! The problem is how? It's not as easy as I thought.

And any half intelligent attacker would not spam invalid transactions in the first place.

i guess not. maybe they'd run their own node and try and spam invalid transaction to it first to see if it worked. but if they could look up an address and see that it was frozen then they wouldn't even bother doing that.

[NotATether]

In banking there's an equivalent term for that, it's called "block card". Once a card is blocked, it can't be unblocked (AFAIK).

It wouldn't make sense to add a freeze feature that you can unfreeze, because chances are the person with the private key will simply unfreeze it themselves. You need something to permanently freeze balance that you suspect is stolen, and unspendable transactions with OP_RETURN is what you're looking for.

It would be a better solution for exchanges and governments seizing laundered money instead of auctioning it away, it would also solve most of the AML drama since burned bitcoins cannot be sent to an exchange.

[PrimeNumber7]

How would I know if someone had my private key? Because they might just be waiting until I unfroze the address to try and do a transaction.

So go back and use the multi-sig set up I suggested earlier in this thread. If someone steals one of your private keys, they can't do anything with it. You need at least two private keys to "unfreeze" the funds, and they can't wait for you to unfreeze and then attempt to steal your coins without having the second private key.

I honestly don't like the concept of needing 2 different private keys. I wish there was just a way to use a single private key. And still have the "freezing/unfreezing" feature. It's my understanding that even though private keys are 256 bits long, the address space is only 160 bits long. So Satoshi didn't use all 256 bits, he left 94 of them for us to be able to think up some super duper amazing thing to use them for to add extra security! The problem is how? It's not as easy as I thought.

If you want to use the same private key to both "unfreeze" your coin and to spend your coin, your proposal is worthless. As has been noted above, if someone compromises your private key, they can both unfreeze and spend your coin. If your private key will not get compromised, there is no point in "freezing' your coin.

What I'm saying is that there are no reasons to be the third party who would freeze/unfreeze your funds, since you essentially already do that with your private keys. Freezing is a “feature” that comes when the funds are under someone else's custody and they allow you to take actions with them in an extent. You don't own the funds, this is why you may get frozen until you provide a legitimate element which may be enough for them to unfreeze you.

Freezing funds is a condition where the trusted third party requires information from their client. Implementing what we've been discussing is like being able for a bank to freeze their own money.

I was not referring to using a third party to freeze/unfreeze your coin. I was referring to using a second private key to freeze and unfreeze your coin. The end-user would control both private keys, but may employ different levels of security for each key.

[ABCbits]

So go back and use the multi-sig set up I suggested earlier in this thread. If someone steals one of your private keys, they can't do anything with it. You need at least two private keys to "unfreeze" the funds, and they can't wait for you to unfreeze and then attempt to steal your coins without having the second private key.

I honestly don't like the concept of needing 2 different private keys. I wish there was just a way to use a single private key. And still have the "freezing/unfreezing" feature.

At this point, we're in loop.

The only answer i can think is by creating cryptography signature from your private key.

OK. So it really can work is what you're saying?

What i say it won't work if you use private key for freeze/unfreeze address and spend your Bitcoin. The hacker who have your private key will simply unfreeze and spend your Bitcoin.

It's my understanding that even though private keys are 256 bits long, the address space is only 160 bits long. So Satoshi didn't use all 256 bits, he left 94 of them for us to be able to think up some super duper amazing thing to use them for to add extra security! The problem is how? It's not as easy as I thought.

The extra 94 96 bits usually seen as minor security weakness since 1 private key address is valid for 2^96 address private key (ignoring different public key representation, different address format, etc.).

[o_e_l_e_o]

I honestly don't like the concept of needing 2 different private keys.

In your theoretical set up, you still need two pieces of information - your private key and your "unfreezing" key, code, password, or whatever it is. What difference does it make if you swap that second piece of information for a second private key? In both set ups you need to back up and use two pieces of information to spend your coins.

So Satoshi didn't use all 256 bits, he left 94 of them for us to be able to think up some super duper amazing thing to use them for to add extra security!

The other 96 bits are still used, despite the address space being smaller. You can't cut the last 96 bits off of a private key and still derive the same addresses.

[j2002ba2]

The extra 94 96 bits usually seen as minor security weakness since 1 private key is valid for 2^96 address (ignoring different public key representation, different address format, etc.).

You mean 1 address is valid for 2^96 private keys.

[BlackHatCoiner]

That:

At this point, we're in loop.

We continuously try to justify why it makes no sense practically to implement this freezing feature while larry_vw_1955 believes that it'd be an improvement for Bitcoin. But, besides that, it doesn't hold water theoretically too. Freezing can't happen on your cash, only on IOUs. Bitcoin, can't operate in a creditable manner, because as said by its definition, it is a peer-to-peer electronic cash system.

Bitcoins aren't credit; if my transaction becomes confirmed, there's no debt from any parties. A confirmed transaction is a proof that both of them paid up.

[d5000]

I was about to write that you can achieve almost the same thing like freezing simply with two wallets with distinct security level (e.g. one with several encryption levels on a non-connected device / hardware wallet and one on pc/smartphone for everyday transactions) but then I saw that the core of this idea was already brought up by @vjudeu and @o_e_l_e_o.

1) Bitcoin address X wants to add the freeze feature. So it generates a special bitcoin address F.
[etc.]

The proposal you made in this post would probably work if the devs added the "additional check" for miners in the protocol. It could surely be programmed into a token, be it Bitcoin-based (e.g. via Counterparty or Omni) or an altcoin with expressive scripting language. Maybe you could try to make first a "token prototype" if you want this feature really to be tested.

However, its only advantage to the "two-wallet-solution" seems to be that transaction fees would be lower for the freeze/unfreeze transactions. In reality, only the "freeze" transaction would have a significant advantage, because in the "unfreeze" transaction we have only one UTXO to move.

An ideal solution of course would include Lightning, so we can get rid of the fees almost completely. I however don't know if this is possible in a really safe way. A very rough idea would be to create a "channel factory" (multi-party channel) with 3 nodes, where you control two of the nodes and a counterparty (which acts as your "connection" to the rest of the network) another one. You can then set up different credentials for both of your nodes (one with a higher security level, i.e. by multiple encryption), and when you want to freeze your coins, you simply transfer all your Lightning balance to the more secure one.

I disagree a little bit with DannyHamilton's post, while he obviousy is right about what he writes, I think trusting a third party in this particular case isn't really the point, the point being more to have two different "security levels" to switch between, like with the two-wallet-solution that o_e_l_e_o wrote or garlonicon's multisig idea.

[larry_vw_1955]

The extra 94 96 bits usually seen as minor security weakness since 1 private key is valid for 2^96 address (ignoring different public key representation, different address format, etc.).

94/256 equals about 36%. So what that means is the security of bitcoin was reduced by that percentage. Not saying it's still not reasonable secure but it did get reduced by 36%. Now if there was a way to recover some of that lost security and use it in the context of my freezing/unfreezing idea that's what I was thinking might be a compromise between people who thinking having a separate freezing key is too much of a pain in the ass. Why not just use the private key you have and some of it's unused 36% entropy. That way every bitcoin user could take advantage of it to further protect the funds on their address that begins with 1. Without having to do anything like create a multisig wallet.

[larry_vw_1955]

If you want to use the same private key to both "unfreeze" your coin and to spend your coin, your proposal is worthless. As has been noted above, if someone compromises your private key, they can both unfreeze and spend your coin. If your private key will not get compromised, there is no point in "freezing' your coin.

Well, except for the fact that there is a many to one relationship between private keys and bitcoin addresses. Just saying that it might be possible to have a way to implement the freeze feature so that not all of those "many" private keys would be able to perform the "freeze/unfreeze" operation. Wouldn't that be an increase in security? Not a huge increase but still some.

I'm not aware of people that ever got their bitcoin private key brute forced. it might have happened but the chances are that the hacker found a private key different than theirs but it still resolved to the same address.

[PrimeNumber7]

If you want to use the same private key to both "unfreeze" your coin and to spend your coin, your proposal is worthless. As has been noted above, if someone compromises your private key, they can both unfreeze and spend your coin. If your private key will not get compromised, there is no point in "freezing' your coin.

Well, except for the fact that there is a many to one relationship between private keys and bitcoin addresses. Just saying that it might be possible to have a way to implement the freeze feature so that not all of those "many" private keys would be able to perform the "freeze/unfreeze" operation. Wouldn't that be an increase in security? Not a huge increase but still some.

Say, for example, the scope of private keys is between 0 and 99, and each of those private keys will map to a public key that are associated with addresses a - z. The way that bitcoin addresses are calculated, each of the private keys associated with address "q" for example are (for all intents and purposes) randomly distributed.

I'm not aware of people that ever got their bitcoin private key brute forced. it might have happened but the chances are that the hacker found a private key different than theirs but it still resolved to the same address.

There are plenty of private keys that have been brute-forced. There are even thread about brute-forcing private keys. Other examples of private keys being brute-forced include when wallets intentionally use weak RNG, and an attacker is able to search private keys from a much smaller scope of private keys than the total scope of possible private keys. The attacker checks all the private keys from the reduced space, and steals coin accordingly, using the same private keys the user generated.

Generating a private key that is associated with an address that is associated with another private key someone else has generated associated with the same address is essentially zero. Further, if you have generated a private key associated with an address, you do not have any additional information that will make it easier to generate another private key that is associated with the same address.

[BlackHatCoiner]

94/256 equals about 36%. So what that means is the security of bitcoin was reduced by that percentage.

First of, he changed the 94 to 96. Secondly, the security of secp256k1 isn't 256 bits, but 128. It's just the compressed public key (excluding the prefix) that is 256 bits.

Why not just use the private key you have and some of it's unused 36% entropy.

Alright, here's a co-argument:  Why not replacing the RIPEMD160 (the one before the address' encoding) with SHA256? That way, there wouldn't be unused entropy.

Answer:  Just because a percentage of the entropy is lost (specifically 96 bits), it doesn't mean that the system becomes insecure. No one ever successfully found a private key by brute forcing unless it wasn't properly generated. As for the freezing feature, I explained you why it doesn't make sense.

That way every bitcoin user could take advantage of it to further protect the funds on their address that begins with 1.

All of the addresses end up to be just an encoding of 160 bits. (except P2WSH multisig)

[larry_vw_1955]

Alright, here's a co-argument:  Why not replacing the RIPEMD160 (the one before the address' encoding) with SHA256? That way, there wouldn't be unused entropy.

That's a question you would have to ask Satoshi. But at the very least maybe he could have used RIPEMD256 in which case there be a 256bit address space thus more security. I suspect the reason he used 160 is to shorten bitcoin addresses up a bit.

[larry_vw_1955]

Secondly, the security of secp256k1 isn't 256 bits, but 128. It's just the compressed public key (excluding the prefix) that is 256 bits.

Yeah I didn't think about that. But I guess it's true. So if the security of 160 bit addresses is only 128 bits then I guess the address space is not the weakest point. I'll have to go back to the drawing board.

[BlackHatCoiner]

That's a question you would have to ask Satoshi. But at the very least maybe he could have used RIPEMD256 in which case there be a 256bit address space thus more security. I suspect the reason he used 160 is to shorten bitcoin addresses up a bit.

And why not SHA512? That'd be 2²⁵⁶ times securer than RIPEMD256! You said this yourself; to shorten the addresses, to shorten the chain size.

Yeah I didn't think about that. But I guess it's true. So if the security of 160 bit addresses is only 128 bits then I guess the address space is not the weakest point. I'll have to go back to the drawing board.

That's true for the addresses that have revealed their public key, which means those that have spent outputs. If an address has never spent funds, then you only know its RIPEMD160 hash. This theoretically provides more security.

[o_e_l_e_o]

Why not just use the private key you have and some of it's unused 36% entropy. That way every bitcoin user could take advantage of it to further protect the funds on their address that begins with 1. Without having to do anything like create a multisig wallet.

As I said above, the 96 bits aren't lost or unused. But even if you assumed they were, these bits being lost or unused would not change the fact that bitcoin has 2¹²⁸ bits of security.

You need to decide whether you are trying to protect against someone brute forcing your private key (which will never happen) or discovering a back up of your private key.

This theoretically provides more security.

It does practically provide more security, but this only really becomes relevant when considering quantum computers in the relatively distant future.

[larry_vw_1955]

And why not SHA512? That'd be 2²⁵⁶ times securer than RIPEMD256!

Well it's like someone said, you start with a public key that is 256 bits. You can't get anymore entropy out of the address space than that. That's why using sha512 would be a waste of resources.

That's true for the addresses that have revealed their public key, which means those that have spent outputs. If an address has never spent funds, then you only know its RIPEMD160 hash. This theoretically provides more security.

I'm surprised that all the way throughout this whole thread not a single person has raised the objection that "this isn't how bitcoin addresses are supposed to be used, they are only supposed to be used one time. You're not even supposed to use a btc address more than once so there's no need to freeze and unfreeze it because once you use it for the first time, you're done with it forever!"


Now I'm sure everyone is going to use that as an argument why a freeze/unfreeze feature should not be part of bitcoin! The reality is though that people do use the same address over and over.

[o_e_l_e_o]

I'm surprised that all the way throughout this whole thread not a single person has raised the objection that "this isn't how bitcoin addresses are supposed to be used, they are only supposed to be used one time. You're not even supposed to use a btc address more than once so there's no need to freeze and unfreeze it because once you use it for the first time, you're done with it forever!"

I had assumed we were talking about wallets and collections of addresses rather than individual addresses. It is reasonable (even if not practical/possible) to want to freeze an address which is storing your life savings on it (or a portion thereof, since it is good practice to split large holdings across multiple different wallets), unfreeeze it to spend some portion of the coins on it, and then send the remainder to a different but also frozen change address. Alternatively to have some system which allows you to generate and freeze say 20 addresses at once, so you always have pre-frozen receiving and change addresses.

Incidentally, this all happens automatically when you use a multi-sig wallet, with every new receiving and new change address that you generated automatically protected by at least 2 different private keys.

[BlackHatCoiner]

Well it's like someone said, you start with a public key that is 256 bits. You can't get anymore entropy out of the address space than that. That's why using sha512 would be a waste of resources.

Fair point, but I was assuming we used a curve to avoid that waste of resources (like secp521r1). Anyway, my point was clear; there's no reason to increase the security that much. It becomes extravagant and makes the chain heavier.

Now I'm sure everyone is going to use that as an argument why a freeze/unfreeze feature should not be part of bitcoin! The reality is though that people do use the same address over and over.

I wouldn't say so, unless you do it on purpose. HD non-custodial wallets like electrum are made in a way to avoid reusing the same addresses. Once you spend money from one of your receiving addresses, the changes end up to a change address that was never used before. Once you spend from that change address, same thing happens. Even on custodial wallets like Coinbase, they never show you a previously generated address for deposit.

[larry_vw_1955]

Incidentally, this all happens automatically when you use a multi-sig wallet, with every new receiving and new change address that you generated automatically protected by at least 2 different private keys.

what kind of multisig wallet software are you talking about? because i actually created one by hand once but i couldn't find any software to use it with lol.

[BlackHatCoiner]

what kind of multisig wallet software are you talking about? because i actually created one by hand once but i couldn't find any software to use it with lol.

What do you mean that you created by hand? If you've used multi-sig in the past, how did you manage to do it so? Probably, the most known non-custodial multi-sig wallet out there is Electrum.

The example o_e_l_e_o gave you, correctly answers on what you want. You'll have to create a 2-of-2 multi-sig wallet, which means that for each address, it is required to provide two signatures to spend an output (not just one). Theoretically, you can consider one of them to be the freezing key and the other to be the private key that is used to spend outputs. Whoever gets access to your private key can't steal your funds unless they also gain access to the freezing key.

[o_e_l_e_o]

what kind of multisig wallet software are you talking about? because i actually created one by hand once but i couldn't find any software to use it with lol.

Yeah, as BlackHatCoiner has said, I would probably use Electrum to achieve what you are looking to achieve. If you want to be able to spend bitcoin on the go as you would with a credit card, but then "freeze" it when you are not planning to use it, then this is what I would do:

• Create a 2-of-2 multi-sig Electrum wallet using Electrum on your phone as one wallet and Electrum on an airgapped computer stored safely in your house as the second wallet. (Obviously using verified downloads, backing up the seed phrases on paper, and all the other usual security precautions.) Send your coins to this wallet.
• Create a standard Electrum wallet on your phone, which will be used as your daily hot wallet.
• When you want to unfreeze some of your coins, send a portion of them from the multi-sig wallet to the hot wallet. This will require signing a transaction from both your phone (which can be thought of as analogous to your credit card in this case), and your airgapped computer (which can be thought of as analogous to your credit card's freezing function). Return any coins you don't want to unfreeze as change to a new address in the multi-sig wallet.
• The coins you just unfroze by sending to your standard mobile wallet can be spent normally, as and when you desire.
• If you want to freeze them again, you can send them back to a new address in the multi-sig wallet. Since you are using your phone for both wallets, you can easily obtain a fresh multi-sig address while on the go.

The only downside I can see here is that you can only unfreeze coins when you are at home. You could work around this by replacing the airgapped computer with hardware wallet you can carry with you.

[garlonicon]

The only downside I can see here is that you can only unfreeze coins when you are at home.

To solve that, you can prepare some signed transactions upfront, in this way you can broadcast them without accessing your "freeze/unfreeze key", if you have 1 BTC, you can have some transactions spending for example 0.01, 0.02, 0.05 and 0.10 BTC, in this way the rest of your funds are safe, because all such transactions will unfreeze only a part of your funds, sending the rest to some fresh multisig address.

[o_e_l_e_o]

The only downside I can see here is that you can only unfreeze coins when you are at home.

To solve that, you can prepare some signed transactions upfront, in this way you can broadcast them without accessing your "freeze/unfreeze key", if you have 1 BTC, you can have some transactions spending for example 0.01, 0.02, 0.05 and 0.10 BTC, in this way the rest of your funds are safe, because all such transactions will unfreeze only a part of your funds, sending the rest to some fresh multisig address.

It's a good idea, but those coins in the pre-signed transactions do lose some security by doing this.

If I am carrying around pre-signed transactions moving multi-sig funds to my hot wallet, then those coins are really only as secure as those funds which are already in my hot wallet. If someone is going to compromise either me or my phone and steal the coins in my hot wallet, then they can probably steal the coins in these pre-signed transactions (which are presumably saved on my phone) as well. I suppose if you encrypted the transactions them then it does give you plausible deniability against a physical attack.

It's definitely still preferable to carrying a hardware wallet which can be wrench attacked to empty your entire multi-sig wallet, though.

[PrimeNumber7]

The only downside I can see here is that you can only unfreeze coins when you are at home.

There is also the issue of cost. Tx fees are cheap now, but they will not always be this way. If you want to unfreeze some of your coin, it will typically be because you want to spend it, thus it will probably not make sense to pay a fee that results in it taking days (or longer) to confirm when unfreezing your coin. Similarly, when freezing your coin, if you pay a fee lower than next block confirmation, while your tx remains unconfirmed, there is the potential for it to be double-spent by someone who has access to the private keys on the phone wallet (in your example).

[larry_vw_1955]

What do you mean that you created by hand? If you've used multi-sig in the past, how did you manage to do it so? Probably, the most known non-custodial multi-sig wallet out there is Electrum.

I mean I took 3 private keys and created a multisig address using a script that requires 3 of 3. Since I did everything from a script, there was no wallet software or anything. So I wasn't sure if I could import those private keys into some wallet software to let it help me do transactions. That's the problem. Not sure if electrum would help me with that problem, since I know it lets you create multisig wallets but if you already have existing one I dont know.

Oh, also I don't know if this is true but I read somewhere that you can actually use the redeemscript as your btc address instead of the p2sh address. Damn that would be cool. On the one hand, you're giving away your public keys but on the other hand, you can bypass the p2sh collission issue ... I know it's probably not reasonable to be using a redeemscript as an address but someone said you could. don't know how that would work! Hey joe, here's my btc address, you'll notice it's kind of long!

[larry_vw_1955]

Yeah, as BlackHatCoiner has said, I would probably use Electrum to achieve what you are looking to achieve. If you want to be able to spend bitcoin on the go as you would with a credit card, but then "freeze" it when you are not planning to use it, then this is what I would do:

[/list]

Solid advice, thanks. I wish I would have set it up that way to begin with. But I used a script to create a 3 of 3. I didn't stop to consider how hard it might be to actually spend from it. But I'll definitely try your idea in the future, seems like the way to go.

[BlackHatCoiner]

On the one hand, you're giving away your public keys but on the other hand, you can bypass the p2sh collission issue

I think you're somehow missing the point if a collision were to ever happen. I don't know exactly what's is written in the Bitcoin's source code, but just because you revealed the public keys doesn't mean that you get away the collision issue. In P2SH, the nodes firstly verify that the hash of the public keys gives you, indeed, the HASH160 you gave them at first, when you later want to spend from that multi-sig address.

But, if another set of public keys gives you the same hash once is hashed, both are considered correct during the verification part. The nodes won't realize that this multi-sig address with these public keys can't spend just because another person had spent in the past from one with the same hash, but with different keys.

If you want to get rid of the collision issue, just use P2WSH multisig. There are a total of ~2²⁵⁶ private keys you can use which is a smaller number than the total addresses you can create (2²⁵⁶). (Of course, there are still cases with collisions, but much less)

You can observe they're more supposedly secure in a brute force than the others from their length:

Code:

tb1q7hqy8sfea6nr5gfghjtl6emxfas9mv5rqragxppcfgxhwqdsu7psluzu2e (testnet)

[larry_vw_1955]

I think you're somehow missing the point if a collision were to ever happen.

I was talking about instead of hashing the redeemscript to get a p2sh address, you just use the redeemscript itself as the address. I never heard of that but someone said you can do that. not sure if it is true. But I took a redeemscript and pasted it into a block explorer and it said it wasn't a valid btc address. so either block explorers don't understand some addresses or that information was just wrong. i'm betting on the latter 

[o_e_l_e_o]

There is also the issue of cost.

In OP's initial proposal, he was suggesting having a second address which would control the frozen state of the primary address by way of sending special transactions to and from this second address. Given that, then the fees he would pay in my system are not significantly higher, and once taproot shrinks multi-sig transactions, won't be higher at all.

But I used a script to create a 3 of 3. I didn't stop to consider how hard it might be to actually spend from it.

What script? Generating all the keys for a multi-sig wallet on the same device at the same time negates a large portion of the additional security that a multi-sig brings. Also, please tell me you didn't send all your coins to an unfamiliar wallet before first testing you knew how to spend from said wallet?

[PrimeNumber7]

There is also the issue of cost.

In OP's initial proposal, he was suggesting having a second address which would control the frozen state of the primary address by way of sending special transactions to and from this second address. Given that, then the fees he would pay in my system are not significantly higher, and once taproot shrinks multi-sig transactions, won't be higher at all.

I wasn't even referring to the added cost of using multisig (although that is also a temporary issue), I was referring to the cost of moving your coin back and forth between your hot wallet and what is basically cold storage unnecessarily, and due to the nature of the goal of the setup, almost always having to pay 'next block' level transaction fees.

If you are not comfortable having a certain amount of coin in your hot wallet all the time, it is probably not a good idea to be moving that amount of coin to your hot wallet on any kind of a regular basis. If your hot wallet keys are compromised unknowingly, the attacker does not need to immediately spend coin from that hot wallet, and they probably won't if they know that a large amount of coin is regularly sent to said hot wallet.

IMO the proposed setup involves poor security practices, even if it meets the OP's (misguided) stated goals.

[larry_vw_1955]

What script? Generating all the keys for a multi-sig wallet on the same device at the same time negates a large portion of the additional security that a multi-sig brings. Also, please tell me you didn't send all your coins to an unfamiliar wallet before first testing you knew how to spend from said wallet?

Just a little script. Well that's the problem there is no wallet. When I made the address I guess I thought there has to be a way to import it into a wallet and then just spend from it but no! And yes you right that I didn't generate the 3 address on 3 different computers. probably not the best idea.

[o_e_l_e_o]

I was referring to the cost of moving your coin back and forth between your hot wallet and what is basically cold storage unnecessarily, and due to the nature of the goal of the setup, almost always having to pay 'next block' level transaction fees.

And as I pointed out, in OP's proposal he was still having to make a transaction to and from his special freezing address whenever he wanted to freeze or unfreeze the coins in his hot wallet, and he would be paying "next block" fees for these transactions too, meaning my multi-sig suggestion is no more expensive than his own proposal. I agree the fees are unnecessary and I would never do this, but it is not any more expensive than what he wanted to do anyway.

If you are not comfortable having a certain amount of coin in your hot wallet all the time, it is probably not a good idea to be moving that amount of coin to your hot wallet on any kind of a regular basis.

I agree, but the whole point of my multi-sig suggestion is that he doesn't need to unfreeze his entire stack at once as he would with his proposal. He can store, say, 5 BTC on his multi-sig wallet, move 0.1 to his hot wallet when he needs to spend it on the go, and return whatever he doesn't spend to his multi-sig at a later date.

[Kakmakr]

The "freeze" option is not a feature that was introduced for the Bank client, but rather a regulatory feature that was implemented to protect the Banks. They are not allowed to have "dormant" accounts, because those accounts might be used for money laundering.. (the excuse given to me from my Bank, when I did not use my Credit card for 8 months.)

This is 100% bullshit and just some excuse to "force" you politely to "use" your account... because "dormant" accounts does not generate "fees" and they need the "fees" to pay for their expenses.  

If Bitcoin implement something like this, then changes need to be made to the protocol and that will probably never happen.. because consensus for things like this is almost impossible... or alternatively something like the Lightning Network (side chains) can implement this.  

[kano]

If you run a core node with a wallet, your bitcoins are always 'frozen'.

Only those who know your private keys can spend them.

If others have access to your private keys, that would be considered the same as having access to your bank account login, and being able to press the 'unfreeze' button, and you also having given them full access to your cards that allow you to spend money in your bank account.

In reality, the concept is completely different between a bank and a core wallet:

Many people in the bank, and anyone who has enough access to your details can unfreeze your bank account.

Only those who have access to your wallet keys can spend your bitcoins.
So ensure they are secure ...

i.e. with a bitcoin core wallet, you are the bank, you must handle the security.
(and on a typical windows computer that security is almost non-existent)

[larry_vw_1955]

They are not allowed to have "dormant" accounts, because those accounts might be used for money laundering.. (the excuse given to me from my Bank, when I did not use my Credit card for 8 months.)

This is 100% bullshit and just some excuse to "force" you politely to "use" your account... because "dormant" accounts does not generate "fees" and they need the "fees" to pay for their expenses.  

Yah the old "money laundering" key word they love to pull that out of their asses from time to time lol. But when they do you know you better watch out!

[larry_vw_1955]

In reality, the concept is completely different between a bank and a core wallet:

Many people in the bank, and anyone who has enough access to your details can unfreeze your bank account.

Not only that but they can see everything you're doing, all the transactions, what you use your money for everything. And you have to keep in mind they are just people. People tell other people things that they find interesting or peculiar, people that don't even have any business knowing.

I know this is a bit off topic to the thread subject but still...

[Pmalek]

The "freeze" option is not a feature that was introduced for the Bank client, but rather a regulatory feature that was implemented to protect the Banks. They are not allowed to have "dormant" accounts, because those accounts might be used for money laundering.. (the excuse given to me from my Bank, when I did not use my Credit card for 8 months.)

This is 100% bullshit and just some excuse to "force" you politely to "use" your account... because "dormant" accounts does not generate "fees" and they need the "fees" to pay for their expenses.  

That's part of the problem. I have an acquaintance who works in a local bank in my country. That bank recently sent out letters to all their customers informing them that in a few months they are planning to introduce new monthly fees for bank accounts whose clients have no type of active time deposit. When I asked her what it was all about, she said that the bank has high costs in insuring money on accounts with no time deposits. Those costs are at a minimum or non-existent once a part of your money goes into some kind of investment fund or time deposit. It could all be bullshit, of course, but it could also be true. Whatever it is, they don't want to see your money just laying around in your account, not being used, they want a bigger piece for themselves.     

[BlackHatCoiner]

i.e. with a bitcoin core wallet, you are the bank, you must handle the security.

Isn't it a little idiotic to compare those two just because the bank and you with your keys must handle the security of your money? I find the phrase “Be your own bank” a little misleading; maybe “Be your own sovereign” would be more proper.

In contrast with your node:

• A bank is a business. The bank does what it does, to earn money, to be maintained. You run your node (mostly) for personal reasons; you don't buy Bitcoins cheaper and sell them higher, as a bank would do, but rather use it as a wallet, so you can transact money with it.
• The bank has to play with the government's rules. But, you shouldn't fault the bank for freezing accounts to supposedly protect the society from money laundering. That's a government's command.

[thecodebear]

Here's the answer the OP is looking for:

So OP is saying he can freeze his account so nobody with his credit card info can spend it. BUT, he can unfreeze it by logging into his account and clicking a button. If someone got his account credentials then they could just unfreeze it themselves. In Bitcoin the private key corresponds to both account credentials and credit card number. Just as if he gave away his bank login credentials an attacker could do whatever they want with his funds, in Bitcoin if he gave away his private key the same thing would happen. There's no private info that allows spending but doesn't allow account control, like with credit cards, it's all just simplified to a single key you need to keep private. So there is no "freeze" option in bitcoin because there is no lower barrier to spending the funds like just getting your credit card info, so a freeze option isn't needed and doesn't even make sense. You freeze your funds when you keep your private key hidden, so your bitcoin is already always frozen.

[larry_vw_1955]

So there is no "freeze" option in bitcoin because there is no lower barrier to spending the funds like just getting your credit card info, so a freeze option isn't needed and doesn't even make sense. You freeze your funds when you keep your private key hidden, so your bitcoin is already always frozen.

Security through obscurity (or security by obscurity) is the reliance in security engineering on design or implementation secrecy as the main method of providing security to a system or component

[kano]

So there is no "freeze" option in bitcoin because there is no lower barrier to spending the funds like just getting your credit card info, so a freeze option isn't needed and doesn't even make sense. You freeze your funds when you keep your private key hidden, so your bitcoin is already always frozen.

Security through obscurity (or security by obscurity) is the reliance in security engineering on design or implementation secrecy as the main method of providing security to a system or component

Bad comparison.

Security through obscurity is hiding 'how' something works, and thus not secure in the true definition of the word, since it can usually be reverse engineered.

Security with a private key is security by definition - as long as the private key is complex enough to make a brute force attack pointless.

[larry_vw_1955]

Bad comparison.

Security through obscurity is hiding 'how' something works, and thus not secure in the true definition of the word, since it can usually be reverse engineered.

Security with a private key is security by definition - as long as the private key is complex enough to make a brute force attack pointless.

Yeah but he said "You freeze your funds when you keep your private key hidden, so your bitcoin is already always frozen." That's a bad comparison too because just keeping something "hidden" doesn't mean it's "frozen". If someone finds it, that would automatically "unfreeze" it without needing a 2nd factor.

[garlonicon]

If someone finds it, that would automatically "unfreeze" it without needing a 2nd factor.

If you don't want to use multisig, you can just encrypt your private key with another private key, in this way you will still have single key that can be frozen/unfrozen (or rather encrypted/decrypted). Using a password is also possible, but less safe, because people are bad at generating strong passwords, that's why we use keys instead of passwords in the first place.

Also, you can encrypt signed transaction instead of encrypting your private key, in this way you can add some limits and restrict where funds can be sent after unlocking or how many coins could be sent somewhere, then you can never touch your private key as long as you don't want to change such conditions.

[larry_vw_1955]

If you don't want to use multisig, you can just encrypt your private key with another private key, in this way you will still have single key that can be frozen/unfrozen (or rather encrypted/decrypted).

Again, with your idea above there is no 2nd factor that is required to be able to spend from the private key if someone happens to know it. I appreciate that you think the way you generated the private key was clever, maybe it was but in the end, it's just a private key.

Using a password is also possible, but less safe, because people are bad at generating strong passwords, that's why we use keys instead of passwords in the first place.

Well I'm not so sure I can agree that people are bad at generating strong passwords. Am I limited to the password's length? Can I make it 5000 characters long?

[Wind_FURY]

Bad comparison.

Security through obscurity is hiding 'how' something works, and thus not secure in the true definition of the word, since it can usually be reverse engineered.

Security with a private key is security by definition - as long as the private key is complex enough to make a brute force attack pointless.

Yeah but he said "You freeze your funds when you keep your private key hidden, so your bitcoin is already always frozen." That's a bad comparison too because just keeping something "hidden" doesn't mean it's "frozen". If someone finds it, that would automatically "unfreeze" it without needing a 2nd factor.

I believe it’s your comparison that’s bad. You merely think in terms of Bitcoin as a “UI” without understanding the protocol running behind it. You may think the freeze feature of your credit card is “amazing tech”, but your bank can freeze your ability to use the system anytime, and without your permission. It’s truly a laughable comparison.

[Pmalek]

Yeah but he said "You freeze your funds when you keep your private key hidden, so your bitcoin is already always frozen." That's a bad comparison too because just keeping something "hidden" doesn't mean it's "frozen". If someone finds it, that would automatically "unfreeze" it without needing a 2nd factor.

You just explained how your bank protects someone from using you credit card. The fact that your card is "frozen" provides no security whatsoever if someone knows how to access your online banking account. If I have your login data, I can unfreeze the card with the click of a button. Where is the second factor authentification for freezing and unfreezing if it can be done with the same password and account?

[larry_vw_1955]

Where is the second factor authentification for freezing and unfreezing if it can be done with the same password and account?

Well obviously the 2nd factor is the physical card itself! I didn't think that was necessary to explain but I guess it is. You're not going to be able to use the card if you don't have it. It's just that simple.

[Pmalek]

Well obviously the 2nd factor is the physical card itself! I didn't think that was necessary to explain but I guess it is. You're not going to be able to use the card if you don't have it. It's just that simple.

I don't need the card. I just need the numbers on it, the CVV number, and its expiration date and I can shop with it online. With a little bit of research, I could also replicate those numbers on a blank card with a piece of hardware and withdraw money from ATMs as well if I unfreeze it or if it already is unfrozen.

So you consider your credit card the first level of security and your online banking account the 2nd level? OK. In that case, why is your hardware or software wallet (protected with a PIN or password) not the first level of security, and your private keys or seed phrase not the 2FA? If you don't consider that to be optimal, you can introduce a passphrase or multisignature setup like mentioned above.

[thecodebear]

Yeah but he said "You freeze your funds when you keep your private key hidden, so your bitcoin is already always frozen." That's a bad comparison too because just keeping something "hidden" doesn't mean it's "frozen". If someone finds it, that would automatically "unfreeze" it without needing a 2nd factor.

You just explained how your bank protects someone from using you credit card. The fact that your card is "frozen" provides no security whatsoever if someone knows how to access your online banking account. If I have your login data, I can unfreeze the card with the click of a button. Where is the second factor authentification for freezing and unfreezing if it can be done with the same password and account?

Yes exactly. Which was my point. Larry doesn't understand that there is no equivalently low barrier to using funds in bitcoin like getting someone's credit card number. We walk around with our credit cards with all the numbers on the card. That's a low level of security to stop someone from using your credit card, so a freeze function in the bank account is useful. But the freeze function is only useful if you keep your account credentials safe.

In Bitcoin we don't carry around a card that lets us spend our bitcoin, their is only the higher account-level security - the thing you absolute must keep private. So it makes no sense to say there needs to be a freeze function in bitcoin, that'd be like saying you need a second freeze function in your bank account that freezes someone from even accesses the account itself, but then you'd need yet another "higher" account to freeze and unfreeze your account, and you'd still end up with the same solution of keeping your higher account credential private to keep someone from being able to unfreeze your lower account and unfreeze your funds. it's just infinite regress.

What it comes down to is in any system you have to keep SOMETHING private. With banks you need to try to keep your credit card info private but you also carry that info around in your wallet and type it into websites all the time so it's not that private, but you absolutely must keep your bank login credentials private, because a "freeze" function means nothing if that's not private. In bitcoin there is no credit card number that allows someone to spend your money, it's all in the private key that you must keep private, so it is the bank equivalent to your funds ALWAYS being frozen until you decide to do spend. A freeze function in bitcoin is nonsensical, as I already explained in my previous comment that is being quoted by Larry. Your private key security IS the freeze in Bitcoin.

To say Bitcoin needs a "freeze" function is to say you don't understand how Bitcoin works, Larry.

[larry_vw_1955]

I don't need the card. I just need the numbers on it, the CVV number, and its expiration date and I can shop with it online. With a little bit of research, I could also replicate those numbers on a blank card with a piece of hardware and withdraw money from ATMs as well if I unfreeze it or if it already is unfrozen.

Yeah but there's no way you are going to get the CVV number and expiration date. You might be able to get the numbers of the card but I'm not even sure about that. Some credit cards don't display the entire account # on your online account for that exact security reason!

So you consider your credit card the first level of security and your online banking account the 2nd level?
OK. In that case, why is your hardware or software wallet (protected with a PIN or password) not the first level of security, and your private keys or seed phrase not the 2FA? If you don't consider that to be optimal, you can introduce a passphrase or multisignature setup like mentioned above.

You're confusing two very different things. You can't clone my credit card. It would take alot more than "a little bit of research". Plus, you could very well end up in jail if you weren't careful.  In addition, the PIN/password of a crypto wallet doesn't stop even yourself from cloning the wallet somewhere else with a new PIN/password of your own choosing. That's what people don't understand. They think they understand but they really dont.

[kano]

In addition, the PIN/password of a crypto wallet doesn't stop even yourself from cloning the wallet somewhere else with a new PIN/password of your own choosing. That's what people don't understand. They think they understand but they really dont.

Without the password, a copy of a core wallet using a password is useless.
It does not give you access to unencrypted data, the password is part of the decryption of that data.

[larry_vw_1955]

Without the password, a copy of a core wallet using a password is useless.
It does not give you access to unencrypted data, the password is part of the decryption of that data.

Yeah most wallets are not working that way though. all the pin/password does it secure the wallet ON THAT DEVICE. doesn't stop someone from importing the seed onto some other device and using a brand new password...you use core??

[larry_vw_1955]

In Bitcoin we don't carry around a card that lets us spend our bitcoin,

Because there is something people carry around that lets them spend their bitcoin. It's called their smart phone. lose that and you might lose your bitcoin!

To say Bitcoin needs a "freeze" function is to say you don't understand how Bitcoin works, Larry.

Well what if I said I wanted a way to "freeze" some bitcoin so that it can't be spent until a particular time in the future, at which point it would become "unfrozen", but if I wanted to, I could "refreeze" it. Would that also mean I didn't understand how bitcoin works? Why do I need to be able to specify for exactly how long I want it frozen for? What if I don't know exactly how long??

[Wind_FURY]

OP, you want a “freeze feature” that works as closely like that to your credit/debit card account issued by your bank? Find a Bitcoin service that holds your all your keys for you, that also has developed as nice UI/UX. Bitcoin might not be user-friendly, but it works as intended and has always upheld it’s main value proposition.

[larry_vw_1955]

OP, you want a “freeze feature” that works as closely like that to your credit/debit card account issued by your bank? Find a Bitcoin service that holds your all your keys for you, that also has developed as nice UI/UX. Bitcoin might not be user-friendly, but it works as intended and has always upheld it’s main value proposition.

that's easy to say but i don't know of any bitcoin service like that. unless my deposits are insured with them by the united states government then i can't really trust it. sorry.

[Pmalek]

You can't clone my credit card.

Ever heard of credit card skimming? It captures the info on the magnetic strip and steals the credit card number and the CVV code. A camera records you as you enter your PIN code. I read a story a few years ago about a guy who worked at a gas station who was skimming the cards of some of the customers. He would first give them a fake lookalike device to swipe their card and enter their PIN. After that he would say, crap the device isn't working. Please try this one. He would then connect the real one and have them pay what they owed. There are ways to do it.

Plus, you could very well end up in jail if you weren't careful.

That's unimportant at this point. We aren't discussing potential punishments. 

unless my deposits are insured with them by the united states government then i can't really trust it. sorry.

Bitcoin isn't insured by the US government or anyone else either. Do you trust and use it?

[o_e_l_e_o]

all the pin/password does it secure the wallet ON THAT DEVICE. doesn't stop someone from importing the seed onto some other device and using a brand new password

You keep changing the goalposts as to what you are trying to achieve and what attack vectors you are trying to protect against. If you are concerned about someone stealing your seed phrase, then simply extend it with a long and complex passphrase. This is different to the password which is only used locally to access your wallet file, and is instead combined with the seed phrase when deriving your private keys. If someone steals your seed phrase, they can still recover it but will recover a completely different wallet to the one which is recovered when also using your passphrase. Indeed, they won't even know that a passphrased wallet exists.

Or, you can also use the multi-sig setup I've described earlier in this thread. If someone steals one of the seed phrases, they can't do anything without also stealing a second seed phrase.

[BlackHatCoiner]

I think we've answered why Bitcoin does not have a freezing function from the very first page. Larry is constantly trying to refute others' valid arguments and the others restate their arguments to refute Larry's utopian proposal.

It's a loop.

[Wind_FURY]

OP, you want a “freeze feature” that works as closely like that to your credit/debit card account issued by your bank? Find a Bitcoin service that holds your all your keys for you, that also has developed as nice UI/UX. Bitcoin might not be user-friendly, but it works as intended and has always upheld it’s main value proposition.

that's easy to say but i don't know of any bitcoin service like that. unless my deposits are insured with them by the united states government then i can't really trust it. sorry.

Then sorry, Bitcoin is “only” an open source project that companies can build on top of it. If you can’t find a Bitcoin service/company with the UI, or the “freeze feature” that you like, then continue using your government-insured bank account’s credit/debit card.

[larry_vw_1955]

Then sorry, Bitcoin is “only” an open source project that companies can build on top of it. If you can’t find a Bitcoin service/company with the UI, or the “freeze feature” that you like, then continue using your government-insured bank account’s credit/debit card.

Well I think that's kind of the point isn't it? There is no such service/company. Anyone you hand over your private keys to makes your bitcoin way more insecure than it would be if you just kept control of it yourself. You acted like their are companies out there that you can actually hand over your bitcoin to and it's no big issue. Well maybe it isnt for you but I have standards one of them is it has to be insured by the government why is that so hard to appreciate? And besides, the title of the thread isnt "who can I hand over my bitcoin to so that I can freeze it whenever I wish". If such a company existed, then there is also the chance that they might put a freeze on your bitcoin without your permission as well. Or they might go out of business. Or get hacked. The list is endless. just like the postings on this thread 

[larry_vw_1955]

You can't clone my credit card.

Ever heard of credit card skimming?

Ever heard of cards with chips in them?

That's unimportant at this point. We aren't discussing potential punishments. 

Actually it's quite relevant as to why it's much riskier to try and steal peoples' credit cards and use them than to steal peoples' bitcoin. Their's more laws on the books I would imagine. Stealing crypto you just get a slap on the wrist perhaps.

Bitcoin isn't insured by the US government or anyone else either. Do you trust and use it?

Of course it's not. But everyone here seems to think the only way to have a freeze feature is if bitcoin gets hooked up with a financial institution/"trusted" bank which doesn't make any sense because then you don't even own your bitcoin because you handed it over to them lol. Do I trust and use it? I trust its security but use it for what exactly, I personally haven't found a real use case for it. Anything that I could do with bitcoin, I could do cheaper possibly more efficiently a different way. Maybe in the future though.

[larry_vw_1955]

I think we've answered why Bitcoin does not have a freezing function from the very first page. Larry is constantly trying to refute others' valid arguments and the others restate their arguments to refute Larry's utopian proposal.

It's a loop.

Yes I agree you have all given it your best shot about why bitcoin doesn't have a freezing function. Maybe I should open a new thread and entitle it "How to implment a freezing function in bitcoin" what do you think? Then we could talk about how to make that happen! See because CLTV freezes utxos. So freezing is not unheard of. It's just...

[Wind_FURY]

Then sorry, Bitcoin is “only” an open source project that companies can build on top of it. If you can’t find a Bitcoin service/company with the UI, or the “freeze feature” that you like, then continue using your government-insured bank account’s credit/debit card.

Well I think that's kind of the point isn't it? There is no such service/company.

 


That’s not Bitcoin’s fault.

Anyone you hand over your private keys to makes your bitcoin way more insecure than it would be if you just kept control of it yourself.

Insecure like trusting your bank to hold your money for you?

You acted like their are companies out there that you can actually hand over your bitcoin to and it's no big issue.

It is a big issue. That’s why I told you the comparison between Bitcoin and staying with your bank because of the “freeze function” is stupid.

Well maybe it isnt for you but I have standards one of them is it has to be insured by the government why is that so hard to appreciate?

Hahaha. It’s still not insured if the government, or the bank themselves enable their “freeze function” on your account. Not your keys, not your money.

And besides, the title of the thread isnt "who can I hand over my bitcoin to so that I can freeze it whenever I wish". If such a company existed, then there is also the chance that they might put a freeze on your bitcoin without your permission as well. Or they might go out of business. Or get hacked. The list is endless. just like the postings on this thread  

Then what function would a “freeze feature” be of use, if the key holder is in full control of the coins?

[ABCbits]

You can't clone my credit card.

Ever heard of credit card skimming?

Ever heard of cards with chips in them?

Ever heard of credit card shimming?

See https://www.zdnet.com/article/researchers-create-magstripe-versions-of-emv-and-contactless-cards/

Maybe I should open a new thread and entitle it "How to implment a freezing function in bitcoin" what do you think? Then we could talk about how to make that happen! See because CLTV freezes utxos. So freezing is not unheard of. It's just...

So far no one able to show their idea about to implementing "freeze" function without 3rd party, using same private key (to generate address) or other hack. So i doubt we'll see new idea.

[larry_vw_1955]

Hahaha. It’s still not insured if the government, or the bank themselves enable their “freeze function” on your account. Not your keys, not your money.

Any custodial solution they could be required to "freeze" someone's funds no matter what form they are in unless and this is a big one, they keep it hidden underneath their mattress. So all other things being equal, I prefer something to be insured. That way as long as the government and bank don't sieze my cash, it belongs to me! And if the bank happened to go bankrupt the government would step in and pay me back.

Then what function would a “freeze feature” be of use, if the key holder is in full control of the coins?

if bitcoin has the ability to allow people to freeze things at the UTXO level (in a certain sense) then I dont see why it is such a stretch to want to be able to freeze things at the ADDRESS level. not alot of people probably using the UTXO level freezing feature but it is there.

[Pmalek]

but I have standards one of them is it has to be insured by the government why is that so hard to appreciate?

You are in the wrong forum then. Nothing related to Bitcoin is supposed to be insured by a central authority/oppressor.

If such a company existed, then there is also the chance that they might put a freeze on your bitcoin without your permission as well.

That's exactly what your government-insured financial services providers can do. But they can't do it to your Bitcoin stored in non-custodial wallets, with or without a freeze function.

I personally haven't found a real use case for it. Anything that I could do with bitcoin, I could do cheaper possibly more efficiently a different way.

You are from the USA right? Check with your bank how much it would cost you in transaction fees to send a payment to the Balkans? After that, you can calculate how much the equivalent of that would cost if you spent one Bitcoin input, no matter where you send it. Consider if that is a use case or not.

And if the bank happened to go bankrupt the government would step in and pay me back.

Your money is insured up to a certain value, but depending on how much you have, not everything will be paid back as you say. For ordinary people, that should be enough though.

The Federal Deposit Insurance Corporation is an independent federal agency insuring deposits in U.S. banks and thrifts in the event of bank failures. As of 2020, the FDIC insures deposits up to $250,000 per depositor

Source 

[larry_vw_1955]

Nothing related to Bitcoin is supposed to be insured by a central authority/oppressor.

which is exactly why I would refuse to accept any solution to any problem that requires me to hand over my bitcoin to a 3rd party to gain some type of functionality.

That's exactly what your government-insured financial services providers can do. But they can't do it to your Bitcoin stored in non-custodial wallets, with or without a freeze function.

that's why non-custodial wallets are the preferred way to own bitcoin.

You are from the USA right? Check with your bank how much it would cost you in transaction fees to send a payment to the Balkans? After that, you can calculate how much the equivalent of that would cost if you spent one Bitcoin input, no matter where you send it. Consider if that is a use case or not.

It's not a use case FOR ME.  For someone else, using bitcoin might be the cheapest most cost effective way to send money from the usa to the balkans. I haven't done the research to know whether it is or not. But if somene else has and came to that conclusiion then more power to them.

[Wind_FURY]

Hahaha. It’s still not insured if the government, or the bank themselves enable their “freeze function” on your account. Not your keys, not your money.

Any custodial solution they could be required to "freeze" someone's funds no matter what form they are in unless and this is a big one, they keep it hidden underneath their mattress. So all other things being equal, I prefer something to be insured. That way as long as the government and bank don't sieze my cash, it belongs to me! And if the bank happened to go bankrupt the government would step in and pay me back.

That’s OK, and the system will work until it doesn’t. But people should know, and truly understand that, not your vault, not your money, and governments can lose control of the financial system. Bitcoin is a good fall back/back up.

Then what function would a “freeze feature” be of use, if the key holder is in full control of the coins?

if bitcoin has the ability to allow people to freeze things at the UTXO level (in a certain sense) then I dont see why it is such a stretch to want to be able to freeze things at the ADDRESS level. not alot of people probably using the UTXO level freezing feature but it is there.

It’s a front-end, UI issue, not a protocol issue. Ask your favorite Bitcoin wallet.

[larry_vw_1955]

That’s OK, and the system will work until it doesn’t. But people should know, and truly understand that, not your vault, not your money, and governments can lose control of the financial system. Bitcoin is a good fall back/back up.

I suppose if the us dollar ever became worthless so that people used it as toilet paper, MAYBE bitcoin could be some form of bartering value but that's just a maybe. Gold and silver would be more likely. Or other things like gasoline or food or shelter. Physical assets. Not intangibles.

It’s a front-end, UI issue, not a protocol issue. Ask your favorite Bitcoin wallet.

for the utxo freezing yeah, people should complain to their wallet dev team about that. but it's probably not going to help because people would end up freezing their bitcoin and not being able to spend it for YEARS. and then blaming the wallet.

[PrimeNumber7]

You can't clone my credit card.

Ever heard of credit card skimming?

Ever heard of cards with chips in them?

Ever heard of credit card shimming?

See https://www.zdnet.com/article/researchers-create-magstripe-versions-of-emv-and-contactless-cards/

Card skimming, or card shimming does not affect the end-user of a credit card, beyond a fairly minor inconvenience. While the law says that consumers have no more than $50 in liability when their credit card is stolen, most credit card issuers have "$0 liability" policies, and consumers are not liable when their credit card number is used due to a data breach. This is something that was pointed out on the first page.

Unless and until a third party is willing to insulate consumers from losses from "unauthorized" bitcoin transactions, the OP's proposal is moot. The only reason why a third party might be willing to cover these types of losses would be if the third party maintained exclusive control over the private keys controlling the coin. It should go without saying that this type of setup creates more problems than it solves.

I think we've answered why Bitcoin does not have a freezing function from the very first page. Larry is constantly trying to refute others' valid arguments and the others restate their arguments to refute Larry's utopian proposal.

It's a loop.

I have seen other people engage in similar behavior recently. I appreciate Larry's desire to improve upon bitcoin, even if his specific proposal is not something that should be implemented. I encourage Larry and others to come up with ways to improve bitcoin. I somewhat suspect that some people propose flawed ideas with the hope of having their idea implanted, and being able to write this on their resume.

[Wind_FURY]

That’s OK, and the system will work until it doesn’t. But people should know, and truly understand that, not your vault, not your money, and governments can lose control of the financial system. Bitcoin is a good fall back/back up.

I suppose if the us dollar ever became worthless so that people used it as toilet paper, MAYBE bitcoin could be some form of bartering value but that's just a maybe. Gold and silver would be more likely. Or other things like gasoline or food or shelter. Physical assets. Not intangibles.

Then from that that inefficiency something will be invented to make barter, and trade more efficient. In the internet, there needs to be a way to make a trade with a currency that users don’t need permission to use, that can’t be censored by an authority. It might not have a “freeze function”, but it’s enough to make your Heroine purchase from the dark market.

[PrimeNumber7]

Ever heard of cards with chips in them?

Ever heard of credit card shimming?

See https://www.zdnet.com/article/researchers-create-magstripe-versions-of-emv-and-contactless-cards/

Card skimming, or card shimming does not affect the end-user of a credit card, beyond a fairly minor inconvenience. While the law says that consumers have no more than $50 in liability when their credit card is stolen, most credit card issuers have "$0 liability" policies, and consumers are not liable when their credit card number is used due to a data breach. This is something that was pointed out on the first page.

Minor inconvenience? I disagree since there's real concern if technology illiterate user use their credit card on physical store. At least in my country, there are few news where rouge worker perform skimming/shimming when user give their credit card to the worker. Besides, i merely mentioned about shimming to show that card with chips isn't 100% secure.

If your card information is stolen by a criminal via whatever means, the end-user is not going to pay for any unauthorized transactions. So if your card is skimmed/shimmed, you can complete some paperwork, wont be able to use your card for a number of days while the bank sends you a replacement card, and you will not be on the hook for unauthorized transactions.

What are you saying is the loss to the end-user beyond an inconvenience? If you use a card at a restaurant for example, it will be out of your possession, and the staff can do whatever they want with it, but this will not affect the end user.

[larry_vw_1955]

Then from that that inefficiency something will be invented to make barter, and trade more efficient.

You mean like bitcoin?

In the internet, there needs to be a way to make a trade with a currency that users don’t need permission to use, that can’t be censored by an authority.

Well I definitely agree with that. But the problem is you're glamorizing the process more than it deserves. Users do need permission to engage in bitcoin to be quite honest. Where are you going to get bitcoin from? Oh that's right you have to buy it from a 3rd party and they need to know who you are so the government can be satisfied. And that 3rd party could be notorious for freezing peoples bitcoin and locking their account for weeks if not months. How's that sound?

[larry_vw_1955]

I have seen other people engage in similar behavior recently. I appreciate Larry's desire to improve upon bitcoin, even if his specific proposal is not something that should be implemented. I encourage Larry and others to come up with ways to improve bitcoin. I somewhat suspect that some people propose flawed ideas with the hope of having their idea implanted, and being able to write this on their resume.

flawed ideas??

you can't be talking about me!

[larry_vw_1955]

Another possible way to implement this freezing functionality is to have special address (lets say it starts with F) that can only be used to hold funds from a normal btc address. These addresses would provide extra security since even if they were compromised the hacker would not be able to do anything with the money except to send it back to the address it corresponded to. And that would only be possible if they unfroze the address first. Because you can't send money to a frozen address.

In a sense then it boils down to how does one connect a normal btc address to one of these new address types that start with an F? And once they have made this connection, how do they go about freezing and unfreezing? In the frozen state, what happens if new funds get sent to the frozen address?

You guys rock, I mean you're so smart!